[***]            Summary:            [***]

2 new Open, 42 new Pro (2 + 40). FxCodeShell, HYDSEVEN, Win32/Walera, Various Phishing.

[+++]          Added rules:          [+++]

Open:

2027514 - ET WEB_SERVER Observed FxCodeShell Web Shell Password (web_server.rules)
2027515 - ET TROJAN HYDSEVEN VBS CnC Host Information Checkin (trojan.rules)

Pro:

2837018 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Boogr.gsh CnC Beacon 14 (mobile_malware.rules)
2837019 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Boogr.gsh CnC Beacon 15 (mobile_malware.rules)
2837020 - ETPRO MOBILE_MALWARE Android/SMSreg.NK Checkin (mobile_malware.rules)
2837021 - ETPRO TROJAN ELF/Various IoT Botnet CnC Checkin M2 (trojan.rules)
2837022 - ETPRO TROJAN Win32/Walera CoinMiner CnC Checkin (trojan.rules)
2837023 - ETPRO TROJAN Win32/Unk.BeUNO Retrieving IP Address (trojan.rules)
2837024 - ETPRO CURRENT_EVENTS Successful IRS Phish 2019-06-25 (current_events.rules)
2837025 - ETPRO CURRENT_EVENTS Successful Generic Phish 2019-06-25 (current_events.rules)
2837026 - ETPRO CURRENT_EVENTS Successful Ministry of Transport PRoC Phish 2019-06-25 (current_events.rules)
2837027 - ETPRO CURRENT_EVENTS Successful Nationwide Bank Phish 2019-06-25 (current_events.rules)
2837028 - ETPRO CURRENT_EVENTS Successful Generic Microsoft Office Phish 2019-06-25 (current_events.rules)
2837029 - ETPRO CURRENT_EVENTS Successful Generic Account Validation FR Phish 2019-06-25 (current_events.rules)
2837030 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-06-25 (current_events.rules)
2837031 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-06-25 (current_events.rules)
2837032 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish 2019-06-25 (current_events.rules)
2837033 - ETPRO CURRENT_EVENTS Successful Apple iTunes Phish 2019-06-25 (current_events.rules)
2837034 - ETPRO CURRENT_EVENTS Successful Daum Phish 2019-06-25 (current_events.rules)
2837035 - ETPRO CURRENT_EVENTS Successful Naver Phish 2019-06-25 (current_events.rules)
2837036 - ETPRO CURRENT_EVENTS Successful Discover Phish 2019-06-25 (current_events.rules)
2837037 - ETPRO CURRENT_EVENTS Successful 1&1 Hosting Control Center Phish 2019-06-25 (current_events.rules)
2837038 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-06-25 1) (trojan.rules)
2837039 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-06-25 2) (trojan.rules)
2837040 - ETPRO CURRENT_EVENTS Successful Banco do Brasil Phish 2019-06-25 (current_events.rules)
2837041 - ETPRO CURRENT_EVENTS Successful Adobe Document Cloud Phish 2019-06-25 (current_events.rules)
2837042 - ETPRO CURRENT_EVENTS Successful ING Phish 2019-06-25 (current_events.rules)
2837043 - ETPRO CURRENT_EVENTS Successful VK Phish 2019-06-25 (current_events.rules)
2837044 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-06-25 (current_events.rules)
2837045 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-06-25 (current_events.rules)
2837046 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-06-25 (current_events.rules)
2837047 - ETPRO CURRENT_EVENTS Successful MoneyGram Phish 2019-06-25 (current_events.rules)
2837048 - ETPRO CURRENT_EVENTS Successful MoneyGram Phish 2019-06-25 (current_events.rules)
2837049 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-06-25 (current_events.rules)
2837050 - ETPRO CURRENT_EVENTS Successful Linkedin Phish 2019-06-25 (current_events.rules)
2837051 - ETPRO TROJAN Win32/Korplug.MO CnC Checkin (trojan.rules)
2837052 - ETPRO TROJAN Observed Malicious SSL Cert (Gozi v3 CnC) (trojan.rules)
2837053 - ETPRO TROJAN Observed Malicious SSL Cert (Gozi v3 CnC) (trojan.rules)
2837054 - ETPRO TROJAN Win32/Unk Payload CnC Checkin (trojan.rules)
2837055 - ETPRO CURRENT_EVENTS Inbound JScript Executing Obfuscated WMIC os get (current_events.rules)
2837056 - ETPRO CURRENT_EVENTS Inbound JScript Executing Obfuscated cmd /c (current_events.rules)
2837057 - ETPRO TROJAN Win32/Tiggre!rfn Checkin (trojan.rules)

[///]     Modified active rules:     [///]

2836975 - ETPRO TROJAN AndroMut Checkin (2019-06-20)  (trojan.rules)

[---]  Disabled and modified rules:  [---]

2837010 - ETPRO TROJAN Oilrig Payload CnC Checkin (trojan.rules)

Date: 
Monday, June 24, 2019 - 22:00