[***] Summary: [***]
6 new Open, 12 new Pro (6 + 6). Plurox, Danabot, Memorial Loader.
[+++] Added rules: [+++]
Open:
2027497 - ET TROJAN Danabot CnC Checkin (trojan.rules)
2027498 - ET TROJAN Plurox CnC Domain in DNS Lookup (trojan.rules)
2027499 - ET TROJAN Plurox CnC Domain in DNS Lookup (trojan.rules)
2027500 - ET TROJAN Danabot UA Observed (trojan.rules)
2027501 - ET TROJAN Observed Turla Domain (vision2030 .tk in TLS SNI) (trojan.rules)
2027502 - ET TROJAN Turla DNS Lookup (vision2030 .cf) (trojan.rules)
Pro:
2836942 - ETPRO TROJAN QUEU Downloader CnC (trojan.rules)
2836943 - ETPRO TROJAN Memorial Loader CnC M1 (trojan.rules)
2836944 - ETPRO TROJAN Memorial Loader CnC M2 (trojan.rules)
2836945 - ETPRO TROJAN Textpadx CnC (trojan.rules)
2836946 - ETPRO TROJAN Observed Malicious SSL Cert (More_eggs CnC) (trojan.rules)
2836948 - ETPRO TROJAN Win32/Agent.TUA CnC Checkin (trojan.rules)
[///] Modified active rules: [///]
2016870 - ET POLICY Unsupported/Fake Internet Explorer Version MSIE 5. (policy.rules)
2826828 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-06-21 1) (trojan.rules)