Daily Ruleset Update Summary
Daily Ruleset Update Summary 2019/08/28

[***]            Summary:            [***]

10 new Open, 19 new Pro (10 + 9).  LYCEUM MSIL/DanBot, Spelevo EK, Remcos.

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

2027921 - ET TROJAN LYCEUM MSIL/DanBot CnC Checkin (trojan.rules)
2027922 - ET TROJAN LYCEUM CnC Domain Observed in DNS Query (trojan.rules)
2027923 - ET TROJAN LYCEUM CnC Domain Observed in DNS Query (trojan.rules)
2027924 - ET TROJAN LYCEUM CnC Domain Observed in DNS Query (trojan.rules)
2027925 - ET TROJAN LYCEUM CnC Domain Observed in DNS Query (trojan.rules)
2027926 - ET TROJAN LYCEUM CnC Domain Observed in DNS Query (trojan.rules)
2027927 - ET TROJAN LYCEUM CnC Domain Observed in DNS Query (trojan.rules)
2027928 - ET TROJAN LYCEUM CnC Domain Observed in DNS Query (trojan.rules)
2027929 - ET TROJAN LYCEUM CnC Domain Observed in DNS Query (trojan.rules)
2027930 - ET TROJAN LYCEUM CnC Domain Observed in DNS Query (trojan.rules)

Pro:

2838211 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Agent.em / BankBot CnC Beacon 2 (mobile_malware.rules)
2838212 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC) (trojan.rules)
2838213 - ETPRO TROJAN Observed Malicious SSL Cert (PsiXBot CnC) (trojan.rules)
2838214 - ETPRO CURRENT_EVENTS Spelevo EK Landing 2019-08-28 (current_events.rules)
2838215 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-08-28 1) (trojan.rules)
2838216 - ETPRO TROJAN Win32/Remcos RAT Checkin 141 (trojan.rules)
2838217 - ETPRO TROJAN Win32/Remcos RAT Checkin 138 (trojan.rules)
2838218 - ETPRO TROJAN Win32/Remcos RAT Checkin 139 (trojan.rules)
2838219 - ETPRO TROJAN Win32/Remcos RAT Checkin 140 (trojan.rules)

Date:
Summary title:
10 new Open, 19 new Pro (10 + 9). LYCEUM MSIL/DanBot, Spelevo EK, Remcos.