[***] Summary: [***]
10 new Open, 19 new Pro (10 + 9). LYCEUM MSIL/DanBot, Spelevo EK, Remcos.
Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback
[+++] Added rules: [+++]
Open:
2027921 - ET TROJAN LYCEUM MSIL/DanBot CnC Checkin (trojan.rules)
2027922 - ET TROJAN LYCEUM CnC Domain Observed in DNS Query (trojan.rules)
2027923 - ET TROJAN LYCEUM CnC Domain Observed in DNS Query (trojan.rules)
2027924 - ET TROJAN LYCEUM CnC Domain Observed in DNS Query (trojan.rules)
2027925 - ET TROJAN LYCEUM CnC Domain Observed in DNS Query (trojan.rules)
2027926 - ET TROJAN LYCEUM CnC Domain Observed in DNS Query (trojan.rules)
2027927 - ET TROJAN LYCEUM CnC Domain Observed in DNS Query (trojan.rules)
2027928 - ET TROJAN LYCEUM CnC Domain Observed in DNS Query (trojan.rules)
2027929 - ET TROJAN LYCEUM CnC Domain Observed in DNS Query (trojan.rules)
2027930 - ET TROJAN LYCEUM CnC Domain Observed in DNS Query (trojan.rules)
Pro:
2838211 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Agent.em / BankBot CnC Beacon 2 (mobile_malware.rules)
2838212 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC) (trojan.rules)
2838213 - ETPRO TROJAN Observed Malicious SSL Cert (PsiXBot CnC) (trojan.rules)
2838214 - ETPRO CURRENT_EVENTS Spelevo EK Landing 2019-08-28 (current_events.rules)
2838215 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-08-28 1) (trojan.rules)
2838216 - ETPRO TROJAN Win32/Remcos RAT Checkin 141 (trojan.rules)
2838217 - ETPRO TROJAN Win32/Remcos RAT Checkin 138 (trojan.rules)
2838218 - ETPRO TROJAN Win32/Remcos RAT Checkin 139 (trojan.rules)
2838219 - ETPRO TROJAN Win32/Remcos RAT Checkin 140 (trojan.rules)