[***]            Summary:            [***]

9 new Open, 35 new Pro (9 + 26).  Win32/Onliner, AndroidOS.TimpDoor, Various SSL/TLS, Various Phish.

Thanks @401TRG.

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

2027803 - ET MOBILE_MALWARE Trojan.AndroidOS.TimpDoor Module Download Request (mobile_malware.rules)
2027804 - ET MOBILE_MALWARE Trojan.AndroidOS.TimpDoor (purple .itraffic .click in DNS Lookup) (mobile_malware.rules)
2027805 - ET MOBILE_MALWARE Trojan.AndroidOS.TimpDoor (purple .m-ads .net in DNS Lookup) (mobile_malware.rules)
2027806 - ET MOBILE_MALWARE Trojan.AndroidOS.TimpDoor (drproxy .pro in DNS Lookup) (mobile_malware.rules)
2027807 - ET TROJAN Win32/Onliner CnC Checkin (trojan.rules)
2027808 - ET TROJAN Win32/Onliner Receiving Commands from CnC (trojan.rules)
2027809 - ET TROJAN Win32/Onliner Requesting Additional Modules (trojan.rules)
2027810 - ET TROJAN Win32/Onliner Mailer Module Communicating with CnC (trojan.rules)
2027811 - ET TROJAN Win32/Onliner Template 1 Active - Malicious Outbound Email Spam (trojan.rules)

Pro:

2837874 - ETPRO TROJAN Observed Malicious SSL Cert (Gozi Injects Server) (trojan.rules)
2837875 - ETPRO TROJAN Observed Malicious SSL Cert (Gozi Injects Server) (trojan.rules)
2837876 - ETPRO TROJAN Observed Malicious SSL Cert (Gozi Injects Server) (trojan.rules)
2837877 - ETPRO TROJAN Possible Predator the Thief CnC Activity (trojan.rules)
2837878 - ETPRO CURRENT_EVENTS Successful ING Phish 2019-08-06 (current_events.rules)
2837879 - ETPRO CURRENT_EVENTS Successful Banco do Brasil Phish 2019-08-06 (current_events.rules)
2837880 - ETPRO CURRENT_EVENTS Successful Banco do Brasil Phish 2019-08-06 (current_events.rules)
2837881 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-08-06 (current_events.rules)
2837882 - ETPRO CURRENT_EVENTS Successful Banca Sella Phish 2019-08-06 (current_events.rules)
2837883 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish 2019-08-06 (current_events.rules)
2837884 - ETPRO CURRENT_EVENTS Successful Globalance Bank Phish 2019-08-06 (current_events.rules)
2837885 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-08-06 (current_events.rules)
2837886 - ETPRO CURRENT_EVENTS Successful Caixa Phish 2019-08-06 (current_events.rules)
2837887 - ETPRO CURRENT_EVENTS Successful Chase Phish 2019-08-06 (current_events.rules)
2837888 - ETPRO CURRENT_EVENTS Successful Caixa Phish 2019-08-06 (current_events.rules)
2837892 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-08-06 1) (trojan.rules)
2837893 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-08-06 2) (trojan.rules)
2837894 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-08-06 3) (trojan.rules)
2837895 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-08-06 4) (trojan.rules)
2837896 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-08-06 5) (trojan.rules)
2837897 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif Injects CnC) (trojan.rules)
2837898 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC) (trojan.rules)
2837899 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif Injects CnC) (trojan.rules)

[///]     Modified active rules:     [///]

2014435 - ET TROJAN Infostealer.Banprox Proxy.pac Download (trojan.rules)
2016922 - ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (trojan.rules)

Date: Monday, August 5, 2019 - 22:00