[***] Summary: [***]
1 new Open, 6 new Pro (1 + 5). APT28, HKLM Winlogon Reg Persistence, Various Android.
Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback
[+++] Added rules: [+++]
Open:
2027939 - ET TROJAN Possible APT28 Maldoc CnC Checkin (trojan.rules)
Pro:
2838249 - ETPRO MOBILE_MALWARE Android/TrojanDropper.Agent.BLR CnC Beacon (mobile_malware.rules)
2838250 - ETPRO MOBILE_MALWARE Trojan-Dropper.AndroidOS.Rootnik.ab CnC Beacon (mobile_malware.rules)
2838251 - ETPRO MOBILE_MALWARE Trojan-Dropper.AndroidOS.Agent.gd Checkin (mobile_malware.rules)
2838252 - ETPRO INFO Inbound Registry Editor File - HKLM Winlogon Single Char EXE (Possible Persistence) (info.rules)
2838253 - ETPRO POLICY DNS Query to a *.loclx.io domain (loclx .io) (policy.rules)