[***]            Summary:            [***]

6 new Open, 12 new Pro (6 + 6). Plurox, Danabot, Memorial Loader.

[+++]          Added rules:          [+++]

Open:

2027497 - ET TROJAN Danabot CnC Checkin (trojan.rules)
2027498 - ET TROJAN Plurox CnC Domain in DNS Lookup (trojan.rules)
2027499 - ET TROJAN Plurox CnC Domain in DNS Lookup (trojan.rules)
2027500 - ET TROJAN Danabot UA Observed (trojan.rules)
2027501 - ET TROJAN Observed Turla Domain (vision2030 .tk in TLS SNI) (trojan.rules)
2027502 - ET TROJAN Turla DNS Lookup (vision2030 .cf) (trojan.rules)

Pro:

2836942 - ETPRO TROJAN QUEU Downloader CnC (trojan.rules)
2836943 - ETPRO TROJAN Memorial Loader CnC M1 (trojan.rules)
2836944 - ETPRO TROJAN Memorial Loader CnC M2 (trojan.rules)
2836945 - ETPRO TROJAN Textpadx CnC (trojan.rules)
2836946 - ETPRO TROJAN Observed Malicious SSL Cert (More_eggs CnC) (trojan.rules)
2836948 - ETPRO TROJAN Win32/Agent.TUA CnC Checkin (trojan.rules)

[///]     Modified active rules:     [///]

2016870 - ET POLICY Unsupported/Fake Internet Explorer Version MSIE 5. (policy.rules)
2826828 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-06-21 1) (trojan.rules)

Date: 
Wednesday, June 19, 2019 - 22:00