[***]            Summary:            [***]

1 new Open, 47 new Pro (1 + 46). Trojan.Win32.FlyStudio.u, Evil Keitaro Set-Cookie, More_eggs CnC, Various Phish, Win32/Remcos, Razcrypter.

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

2029340 - ET INFO TLS Handshake Failure (info.rules)

Pro:

2804556 - ETPRO MALWARE Trojan.Win32.FlyStudio.u Checkin (malware.rules)
2807360 - ETPRO MALWARE FlyStudio.F Checkin (malware.rules)
2807972 - ETPRO MALWARE Win32/FlyStudio Activity (malware.rules)
2816626 - ETPRO MALWARE Win32/FlyStudio Activity 2 (malware.rules)
2832018 - ETPRO MALWARE Win32/FlyStudio/Agent.EW Variant CnC Checkin (malware.rules)
2840741 - ETPRO WEB_CLIENT Evil Keitaro Set-Cookie Inbound (0df9c) (web_client.rules)
2840742 - ETPRO TROJAN Observed Malicious SSL Cert (MalDoc Dl 2020-01-30) (trojan.rules)
2840743 - ETPRO TROJAN Observed Malicious SSL Cert (Get2 CnC) (trojan.rules)
2840744 - ETPRO TROJAN Observed More_eggs CnC Domain in TLS SNI (trojan.rules)
2840745 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2020-01-30 1) (trojan.rules)
2840746 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2020-01-30 2) (trojan.rules)
2840747 - ETPRO WEB_CLIENT Evil Keitaro Set-Cookie Inbound (7d75f) (web_client.rules)
2840749 - ETPRO POLICY SSL/TLS Certificate Observed for Paste Site (Rentry .co) (policy.rules)
2840750 - ETPRO CURRENT_EVENTS Successful Banco do Brasil Phish 2020-01-30 (current_events.rules)
2840751 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2020-01-30 (current_events.rules)
2840752 - ETPRO CURRENT_EVENTS Successful PNC Phish 2020-01-30 (current_events.rules)
2840753 - ETPRO CURRENT_EVENTS Successful Postbank Phish 2020-01-30 (current_events.rules)
2840754 - ETPRO CURRENT_EVENTS Terse POST to Wordpress Folder - Probable Successful Phishing M7 (current_events.rules)
2840755 - ETPRO CURRENT_EVENTS Successful Chase Phish 2020-01-30 (current_events.rules)
2840756 - ETPRO CURRENT_EVENTS Successful Stripe Phish 2020-01-30 (current_events.rules)
2840757 - ETPRO CURRENT_EVENTS Successful Facebook Phish 2020-01-30 (current_events.rules)
2840758 - ETPRO CURRENT_EVENTS Successful Generic Workspace Phish 2020-01-30 (current_events.rules)
2840759 - ETPRO CURRENT_EVENTS Successful America First Credit Union Phish 2020-01-30 (current_events.rules)
2840760 - ETPRO CURRENT_EVENTS Successful America First Credit Union Phish 2020-01-30 (current_events.rules)
2840761 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2020-01-30 (current_events.rules)
2840762 - ETPRO CURRENT_EVENTS Successful Nexi Phish 2020-01-30 (current_events.rules)
2840763 - ETPRO CURRENT_EVENTS Successful Nexi Phish 2020-01-30 (current_events.rules)
2840764 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2020-01-30 (current_events.rules)
2840765 - ETPRO MALWARE Win32/FlyStudio Variant CnC (malware.rules)
2840766 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2020-01-30 (current_events.rules)
2840767 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2020-01-30 (current_events.rules)
2840768 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2020-01-30 (current_events.rules)
2840769 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2020-01-30 (current_events.rules)
2840770 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2020-01-30 (current_events.rules)
2840771 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2020-01-30 (current_events.rules)
2840772 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2020-01-30 (current_events.rules)
2840773 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2020-01-30 (current_events.rules)
2840774 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2020-01-30 (current_events.rules)
2840775 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2020-01-30 (current_events.rules)
2840776 - ETPRO TROJAN Razcrypter Activity (trojan.rules)
2840779 - ETPRO TROJAN Win32/Remcos RAT Checkin 323 (trojan.rules)
2840780 - ETPRO TROJAN Win32/Remcos RAT Checkin 324 (trojan.rules)
2840781 - ETPRO TROJAN Observed Malicious SSL Cert (AZORult CnC) (trojan.rules)
2840782 - ETPRO TROJAN Observed Malicious SSL Cert (More_eggs CnC) (trojan.rules)

[///]     Modified active rules:     [///]

2018197 - ET MALWARE Win32.AdWare.iBryte.C Install (malware.rules)
2808137 - ETPRO MALWARE Spyware PirritSuggestor.A (malware.rules)

Date: Wednesday, January 29, 2020 - 22:00