[***]            Summary:            [***]

6 new Open, 22 new Pro (6 + 16). Tunna, Android/Clicker.KN, Upatre, Various CoinMiner, and Win32/Packed.Themida Variant

[+++]          Added rules:          [+++]

Open:

2028578 - ET TROJAN Suspected Tunna Proxy M1 (Outbound) (trojan.rules)
2028579 - ET TROJAN Suspected Tunna Proxy M2 (Outbound) (trojan.rules)
2028580 - ET TROJAN Suspected Tunna Proxy M3 (Outbound) (trojan.rules)
2028581 - ET TROJAN Suspected Tunna Proxy M4 (Outbound) (trojan.rules)
2028582 - ET TROJAN Possible Tunna Proxy Activity (Response) (trojan.rules)
2028583 - ET TROJAN Possible Tunna Proxy Closing Connection (trojan.rules)

Pro:

2838448 - ETPRO MOBILE_MALWARE Trojan-Dropper.AndroidOS.Rootnik.ab Checkin (mobile_malware.rules)
2838449 - ETPRO MOBILE_MALWARE Android/Agent.BAV Checkin (mobile_malware.rules)
2838450 - ETPRO MOBILE_MALWARE Android/Clicker.KN CnC Beacon 2 (mobile_malware.rules)
2838451 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-09-09 1) (trojan.rules)
2838452 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-09-09 2) (trojan.rules)
2838453 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-09-09 3) (trojan.rules)
2838454 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-09-09 4) (trojan.rules)
2838455 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-09-13 1) (trojan.rules)
2838456 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-09-13 2) (trojan.rules)
2838457 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-09-13 3) (trojan.rules)
2838458 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-09-13 4) (trojan.rules)
2838459 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-09-13 5) (trojan.rules)
2838460 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-09-13 6) (trojan.rules)
2838461 - ETPRO TROJAN Observed Upatre Domain (huyontop .com in TLS SNI) (trojan.rules)
2838462 - ETPRO TROJAN Win32/Packed.Themida Variant CnC Activity (trojan.rules)
2838463 - ETPRO MOBILE_MALWARE Android/Clicker.KN CnC Beacon (mobile_malware.rules)

[///]     Modified active rules:     [///]

2810650 - ETPRO TROJAN Win32/Bifrose Keepalive Outbound (trojan.rules)

[---]         Removed rules:         [---]

2804292 - ETPRO TROJAN Win32/Xtrat.B CnC Traffic (trojan.rules)

Date: 
Thursday, September 12, 2019 - 22:00