[***]            Summary:            [***]

7 new Open, 33 new Pro (7 + 26).  Buran Ransomware, WSHRAT, XSLoader, Various Phish.

[+++]          Added rules:          [+++]

Open:

2027443 - ET TROJAN Observed Buran Ransomware UA (BURAN) (trojan.rules)
2027444 - ET TROJAN Observed Buran Ransomware UA (GHOST) (trojan.rules)
2027445 - ET TROJAN Buran Ransomware Activity M2 (trojan.rules)
2027446 - ET TROJAN Buran Ransomware Activity M1 (trojan.rules)
2027447 - ET TROJAN WSHRAT CnC Checkin (trojan.rules)
2027448 - ET TROJAN WSHRAT Keylogger Module Download Command Inbound (trojan.rules)
2027449 - ET TROJAN WSHRAT Credential Dump Module Download Command Inbound (trojan.rules)

Pro:

2836744 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ic Contact Exfil via SMTP (mobile_malware.rules)
2836745 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.iz Contact Exfil via SMTP (mobile_malware.rules)
2836746 - ETPRO CURRENT_EVENTS Successful Generic Webmail Phish 2019-06-10 (current_events.rules)
2836747 - ETPRO CURRENT_EVENTS Successful MyNets Phish 2019-06-10 (current_events.rules)
2836748 - ETPRO CURRENT_EVENTS Successful Fifth Third Bank Phish 2019-06-10 (current_events.rules)
2836749 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-06-10 (current_events.rules)
2836750 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-06-10 (current_events.rules)
2836751 - ETPRO CURRENT_EVENTS Successful Banco Atlas Phish 2019-06-10 (current_events.rules)
2836752 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-06-10 1) (trojan.rules)
2836753 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-06-10 2) (trojan.rules)
2836754 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-06-10 3) (trojan.rules)
2836755 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-06-10 4) (trojan.rules)
2836756 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-06-10 5) (trojan.rules)
2836757 - ETPRO CURRENT_EVENTS Successful Generic Upgrade Webmail Phish 2019-06-10 (current_events.rules)
2836758 - ETPRO CURRENT_EVENTS Successful Banco Atlas Phish 2019-06-10 (current_events.rules)
2836759 - ETPRO CURRENT_EVENTS Successful Banco Atlas Phish 2019-06-10 (current_events.rules)
2836760 - ETPRO CURRENT_EVENTS Successful NAB Phish 2019-06-10 (current_events.rules)
2836761 - ETPRO CURRENT_EVENTS Successful BBVA Phish 2019-06-10 (current_events.rules)
2836762 - ETPRO TROJAN XSLoader CnC Host Information Checkin (trojan.rules)
2836763 - ETPRO CURRENT_EVENTS Successful Generic Login Verification Phish 2019-06-10 (current_events.rules)
2836764 - ETPRO CURRENT_EVENTS Successful Bank of America Herokuapp Phish 2019-06-10 (current_events.rules)
2836765 - ETPRO CURRENT_EVENTS Successful Banco Bradesco Phish 2019-06-10 (current_events.rules)
2836766 - ETPRO TROJAN Possible Java/Unk.Backdoor Style IP Address Check (trojan.rules)
2836767 - ETPRO TROJAN Redkeeper CVE-2019-0708 Probing (trojan.rules)
2836768 - ETPRO TROJAN AZORult Geolocation Lookup (set) (trojan.rules)
2836769 - ETPRO TROJAN AZORult Geolocation Lookup (trojan.rules)

Date: 
Sunday, June 9, 2019 - 22:00