[***]            Summary:            [***]

2 new Open, 30 new Pro (2 + 28).  FlawedAmmyy, Remcos, Android/Agent.BEA, Various Phish.

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

2027649 - ET USER_AGENTS Observed Suspicious UA (zwt) (user_agents.rules)
2027650 - ET USER_AGENTS Observed Suspicious UA (My Agent) (user_agents.rules)

Pro:

2837138 - ETPRO MOBILE_MALWARE Android/Agent.BEA CnC Beacon (mobile_malware.rules)
2837139 - ETPRO MOBILE_MALWARE Android/Agent.BEA CnC Beacon 2 (mobile_malware.rules)
2837140 - ETPRO MOBILE_MALWARE Android/Agent.BEA CnC Beacon 3 (mobile_malware.rules)
2837141 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Boogr.gsh CnC Beacon 15 (mobile_malware.rules)
2837143 - ETPRO CURRENT_EVENTS Successful DHL Phish 2019-06-30 (current_events.rules)
2837144 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-06-30 (current_events.rules)
2837145 - ETPRO CURRENT_EVENTS Successful Facebook Phish 2019-06-30 (current_events.rules)
2837146 - ETPRO CURRENT_EVENTS Successful Western Union Phish 2019-06-30 (current_events.rules)
2837147 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-06-30 (current_events.rules)
2837148 - ETPRO CURRENT_EVENTS Successful Huntington Bank Phish 2019-07-01 (current_events.rules)
2837149 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-07-01 (current_events.rules)
2837150 - ETPRO CURRENT_EVENTS Successful Spotify Phish 2019-07-01 (current_events.rules)
2837151 - ETPRO CURRENT_EVENTS Successful Santander Phish 2019-07-01 (current_events.rules)
2837152 - ETPRO CURRENT_EVENTS Successful Santander Phish 2019-07-01 (current_events.rules)
2837153 - ETPRO CURRENT_EVENTS Successful Snapchat Phish 2019-07-01 (current_events.rules)
2837154 - ETPRO CURRENT_EVENTS Successful Scotiabank Phish 2019-07-01 (current_events.rules)
2837155 - ETPRO CURRENT_EVENTS Successful Cpanel Webmail Phish 2019-07-01 (current_events.rules)
2837156 - ETPRO CURRENT_EVENTS Successful Outlook Web App Phish 2019-07-01 (current_events.rules)
2837157 - ETPRO CURRENT_EVENTS Successful St. George Bank Phish 2019-07-01 (current_events.rules)
2837158 - ETPRO TROJAN Win32/Remcos RAT Checkin 103 (trojan.rules)
2837159 - ETPRO TROJAN Win32/Remcos RAT Checkin 104 (trojan.rules)
2837160 - ETPRO TROJAN Win32/Remcos RAT Checkin 105 (trojan.rules)
2837161 - ETPRO TROJAN Win32/Remcos RAT Checkin 106 (trojan.rules)
2837162 - ETPRO TROJAN Win32/Remcos RAT Checkin 107 (trojan.rules)
2837163 - ETPRO TROJAN Win32/Remcos RAT Checkin 108 (trojan.rules)
2837164 - ETPRO TROJAN Win32/FlawedAmmyy RAT Reporting System Details (trojan.rules)
2837165 - ETPRO TROJAN Win32/FlawedAmmyy RAT Reporting Loader Results (trojan.rules)
2837166 - ETPRO TROJAN Win32/FlawedAmmyy RAT Reporting Installed Software (trojan.rules)

[///]     Modified active rules:     [///]

2017318 - ET CURRENT_EVENTS SUSPICIOUS IRC - PRIVMSG *.(exe|tar|tgz|zip)  download command (current_events.rules)
2810991 - ETPRO TROJAN SEDNIT CnC Beacon 1 (trojan.rules)
2835255 - ETPRO CURRENT_EVENTS Possible MalDoc DL 2019-03-08 (current_events.rules)
2837092 - ETPRO TROJAN Win32/Various Unusual POST to ip-api .com (trojan.rules)

Date: 
Sunday, June 30, 2019 - 22:00