[***]            Summary:            [***]

2 new Open, 38 new Pro (2 + 36). Mermaid Ransomware, Fpox, Mirai Variants, Various Phishing.

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

2029320 - ET TROJAN Mermaid Ransomware Variant CnC Activity M2 (trojan.rules)
2029321 - ET TROJAN Mermaid Ransomware Variant CnC Activity M3 (trojan.rules)

Pro:

2840619 - ETPRO TROJAN Win32/Fpox Data Exfil (trojan.rules)
2840620 - ETPRO TROJAN Observed Malicious SSL Cert (MalDoc DL 2020-01-24) (trojan.rules)
2840621 - ETPRO MALWARE Observed Malicious SSL Cert (MalDoc DL 2020-01-24 2) (malware.rules)
2840622 - ETPRO TROJAN Suspicious Zipped Filename in Outbound POST Request (Chrome_Default_Cookies) (trojan.rules)
2840623 - ETPRO TROJAN Suspicious Zipped Filename in Outbound POST Request (Chrome_Default_Autocomplete) (trojan.rules)
2840624 - ETPRO TROJAN Suspicious Zipped Filename in Outbound POST Request (Chrome_Default_Cookies) (trojan.rules)
2840625 - ETPRO TROJAN Suspicious Zipped Filename in Outbound POST Request (Chrome_Default_Credit_Cards) (trojan.rules)
2840626 - ETPRO TROJAN Suspicious Zipped Filename in Outbound POST Request (Chrome_Default_History) (trojan.rules)
2840628 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2020-01-24 1) (trojan.rules)
2840629 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2020-01-24 2) (trojan.rules)
2840630 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2020-01-24 (current_events.rules)
2840631 - ETPRO CURRENT_EVENTS Successful Nubank Phish 2020-01-24 (current_events.rules)
2840632 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2020-01-24 (current_events.rules)
2840633 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2020-01-24 (current_events.rules)
2840634 - ETPRO CURRENT_EVENTS Successful Chase Phish 2020-01-24 (current_events.rules)
2840635 - ETPRO CURRENT_EVENTS Successful Comcast/Xfinity Phish 2020-01-24 (current_events.rules)
2840636 - ETPRO CURRENT_EVENTS Successful Comcast/Xfinity Phish 2020-01-24 (current_events.rules)
2840637 - ETPRO CURRENT_EVENTS Successful Spark NZ Phish 2020-01-24 (current_events.rules)
2840638 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2020-01-24 (current_events.rules)
2840639 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2020-01-24 (current_events.rules)
2840640 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2020-01-24 (current_events.rules)
2840641 - ETPRO CURRENT_EVENTS Successful Santander Phish 2020-01-24 (current_events.rules)
2840642 - ETPRO CURRENT_EVENTS Successful Verizon Phish 2020-01-24 (current_events.rules)
2840643 - ETPRO CURRENT_EVENTS Successful Verizon Phish 2020-01-24 (current_events.rules)
2840644 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2020-01-24 (current_events.rules)
2840645 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2020-01-24 (current_events.rules)
2840646 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2020-01-24 (current_events.rules)
2840647 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2020-01-24 (current_events.rules)
2840648 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2020-01-24 (current_events.rules)
2840649 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2020-01-24 (current_events.rules)
2840650 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2020-01-24 (current_events.rules)
2840651 - ETPRO TROJAN ELF/Mirai User-Agent Observed (Outbound) (trojan.rules)
2840652 - ETPRO SCAN ELF/Mirai User-Agent Observed (Inbound) (scan.rules)
2840653 - ETPRO TROJAN Win32/TrojanDownloader.Chindo Variant CnC Activity (trojan.rules)
2840654 - ETPRO TROJAN Win32/Remcos RAT Checkin 316 (trojan.rules)
2840655 - ETPRO TROJAN Discord Token Grabber Exfil Attempt (trojan.rules)

[///]     Modified active rules:     [///]

2029234 - ET TROJAN Mermaid Ransomware Variant CnC Activity M1 (trojan.rules)
2839927 - ETPRO TROJAN Banload Variant Checkin (trojan.rules)

Date: Thursday, January 23, 2020 - 22:00