[***]            Summary:            [***]

5 new Open, 24 new Pro (5 + 19). Webshells, Win32/Azden.A, Various Phishing.

[+++]          Added rules:          [+++]

Open:

2027736 - ET EXPLOIT Possible WebShell GIF Upload (exploit.rules)
2027737 - ET EXPLOIT Possible WebShell JPEG Upload (exploit.rules)
2027738 - ET TROJAN Possible Outbound WebShell GIF (trojan.rules)
2027739 - ET TROJAN Possible Outbound WebShell JPEG (trojan.rules)
2027740 - ET TROJAN Observed Malicious SSL Cert (Ursnif CnC) (trojan.rules)

Pro:

2837615 - ETPRO MOBILE_MALWARE Android Trilomap Checkin (mobile_malware.rules)
2837616 - ETPRO POLICY OpenSSL Suspicious Demo Cert (CN=www .mydom .com) (policy.rules)
2837617 - ETPRO TROJAN Likely Hostile DNS Query for Hex Encoded IP Address as Domain Name (trojan.rules)
2837618 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-22 1) (trojan.rules)
2837619 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-22 2) (trojan.rules)
2837620 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-22 3) (trojan.rules)
2837621 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-22 5) (trojan.rules)
2837622 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-22 6) (trojan.rules)
2837623 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-22 7) (trojan.rules)
2837624 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-22 4) (trojan.rules)
2837625 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-22 8) (trojan.rules)
2837626 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-07-22 (current_events.rules)
2837627 - ETPRO CURRENT_EVENTS Successful Standard Bank Phish 2019-07-22 (current_events.rules)
2837628 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-07-22 (current_events.rules)
2837629 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-07-22 (current_events.rules)
2837630 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-07-22 (current_events.rules)
2837631 - ETPRO TROJAN Win32/Azden.A CnC Checkin (trojan.rules)
2837632 - ETPRO USER_AGENTS Win32/MegaSearch Adware Related UA (user_agents.rules)
2837633 - ETPRO MALWARE Win32/MegaSearch Adware Checkin (malware.rules)

[///]     Modified active rules:     [///]

2808874 - ETPRO TROJAN Trojan.Win32.Kilva Checkin (trojan.rules)
2810991 - ETPRO TROJAN SEDNIT CnC Beacon 1 (trojan.rules)

[---]         Disabled rules:        [---]

2827580 - ETPRO TROJAN W32/Emotet.v4 Checkin 2 (trojan.rules)
2828008 - ETPRO TROJAN W32/Emotet.v4 Checkin 3 (trojan.rules)

Date: 
Sunday, July 21, 2019 - 22:00