[***]            Summary:            [***]

1 new Open, 6 new Pro (1 + 5).  APT28, HKLM Winlogon Reg Persistence, Various Android.

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

2027939 - ET TROJAN Possible APT28 Maldoc CnC Checkin (trojan.rules)

Pro:

2838249 - ETPRO MOBILE_MALWARE Android/TrojanDropper.Agent.BLR CnC Beacon (mobile_malware.rules)
2838250 - ETPRO MOBILE_MALWARE Trojan-Dropper.AndroidOS.Rootnik.ab CnC Beacon (mobile_malware.rules)
2838251 - ETPRO MOBILE_MALWARE Trojan-Dropper.AndroidOS.Agent.gd Checkin (mobile_malware.rules)
2838252 - ETPRO INFO Inbound Registry Editor File - HKLM Winlogon Single Char EXE (Possible Persistence) (info.rules)
2838253 - ETPRO POLICY DNS Query to a *.loclx.io domain (loclx .io) (policy.rules)

Date: 
Sunday, September 1, 2019 - 22:00