Daily Ruleset Update Summary
Daily Ruleset Update Summary 2020/01/09

[***]            Summary:            [***]

5 new Open, 30 new Pro (5 + 25).  W32/Kuping, ELF/Gafgyt, APT/TransparentTribe, and Various Phish.

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

2029241 - ET TROJAN APT/TransparentTribe Style Request (trojan.rules)
2029242 - ET TROJAN APT/TransparentTribe CnC Checkin (trojan.rules)
2029243 - ET POLICY External IP Lookup (whois .pconline .com .cn) (policy.rules)
2029244 - ET TROJAN Win32/PSW.QQPass.OZV Variant Checkin (trojan.rules)
2029245 - ET TROJAN Observed Malicious SSL Cert (ServHelper CnC) (trojan.rules)

Pro:

2840333 - ETPRO TROJAN ELF/Gafgyt Variant CnC Activity (trojan.rules)
2840334 - ETPRO TROJAN ELF/Gafgyt Variant CnC Server Response (trojan.rules)
2840335 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2020-01-09 1) (trojan.rules)
2840336 - ETPRO CURRENT_EVENTS Successful Microsoft Shared Document Phish 2020-01-09 (current_events.rules)
2840337 - ETPRO CURRENT_EVENTS Successful Microsoft Shared Document Phish 2020-01-09 (current_events.rules)
2840338 - ETPRO CURRENT_EVENTS Successful Alibaba Phish 2020-01-09 (current_events.rules)
2840339 - ETPRO CURRENT_EVENTS Successful Alibaba Phish 2020-01-09 (current_events.rules)
2840340 - ETPRO CURRENT_EVENTS Successful Turkey Gov TR Phish 2020-01-09 (current_events.rules)
2840341 - ETPRO CURRENT_EVENTS Successful Square Phish 2020-01-09 (current_events.rules)
2840342 - ETPRO CURRENT_EVENTS Successful M&T Bank Phish 2020-01-09 (current_events.rules)
2840343 - ETPRO CURRENT_EVENTS Successful RBFCU Phish 2020-01-09 (current_events.rules)
2840344 - ETPRO CURRENT_EVENTS Successful Latam Airlines Phish 2020-01-09 (current_events.rules)
2840345 - ETPRO CURRENT_EVENTS Possible Successful Generic Phish 2020-01-09 (current_events.rules)
2840346 - ETPRO CURRENT_EVENTS Successful BCP Phish 2020-01-09 (current_events.rules)
2840347 - ETPRO CURRENT_EVENTS Successful Nubank Phish 2020-01-09 (current_events.rules)
2840348 - ETPRO CURRENT_EVENTS Successful Discover Phish 2020-01-09 (current_events.rules)
2840349 - ETPRO CURRENT_EVENTS Successful Discover Phish 2020-01-09 (current_events.rules)
2840350 - ETPRO MALWARE W32/Kuping Installation (malware.rules)
2840351 - ETPRO MALWARE W32/Kuping Commands (malware.rules)
2840352 - ETPRO TROJAN Win32/Buptenda.A Variant CnC Checkin (trojan.rules)
2840353 - ETPRO TROJAN Win32/Agent.AAON Variant CnC Activity (trojan.rules)
2840354 - ETPRO TROJAN MSIL/Injector.TWX Variant CnC Activity (trojan.rules)
2840355 - ETPRO MALWARE Win32/Adposhel.gen CnC Activity (malware.rules)
2840356 - ETPRO TROJAN Clown Ranswomare Telegram Checkin (trojan.rules)
2840357 - ETPRO TROJAN Observed Malicious SSL Cert (AZORult CnC) (trojan.rules)

[///]     Modified active rules:     [///]

2029234 - ET TROJAN Mermaid Ransomware Variant CnC Activity M1 (trojan.rules)
2840163 - ETPRO TROJAN Win32/PredatorTheThief CnC Activity (trojan.rules)

[---]         Disabled rules:        [---]

2029240 - ET TROJAN Win32/Filecoder.NZK Variant (trojan.rules)

Date:
Summary title:
5 new Open, 30 new Pro (5 + 25). W32/Kuping, ELF/Gafgyt, APT/TransparentTribe, and Various Phish.