[***]            Summary:            [***]

  14 new Open, 41 new Pro (14 + 27).  DCRat, Redkeeper, Various Android,
Various Phish, Others.

  Suricata 2/3 Support from Emerging Threats will become End-Of-Life
TOMORROW! (April 15th, 2020)

  Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

  2029897 - ET TROJAN DCRat CnC Activity (trojan.rules)
  2029898 - ET TROJAN Observed DNS Query to Redkeeper Ransomware Domain
(trojan.rules)
  2029899 - ET CURRENT_EVENTS Spotify Phishing Landing 2020-04-14
(current_events.rules)
  2029900 - ET WEB_CLIENT Generic Webshell Password Prompt Accessed on
External Compromised Server (web_client.rules)
  2029901 - ET WEB_SERVER Generic Webshell Password Prompt Accessed on
Internal Compromised Server (web_server.rules)
  2029902 - ET WEB_CLIENT WSO Webshell Password Prompt Accessed on External
Compromised Server (web_client.rules)
  2029903 - ET WEB_SERVER WSO Webshell Password Prompt Accessed on Internal
Compromised Server (web_server.rules)
  2029904 - ET WEB_CLIENT Leaf PHPMailer Accessed on External Server
(web_client.rules)
  2029905 - ET WEB_SERVER Leaf PHPMailer Accessed on Internal Server
(web_server.rules)
  2029906 - ET WEB_CLIENT Owl PHPMailer Accessed on External Server
(web_client.rules)
  2029907 - ET WEB_SERVER Owl PHPMailer Accessed on Internal Server
(web_server.rules)
  2029908 - ET WEB_CLIENT Generic Webshell Password Prompt Accessed on
External Compromised Server (web_client.rules)
  2029909 - ET WEB_SERVER Generic Webshell Password Prompt Accessed on
Internal Compromised Server (web_server.rules)
  2029910 - ET TROJAN Suspected SPECULOOS Backdoor CnC Init Packet
Masquerading as SNI Request to live .com (trojan.rules)

Pro:

  2842005 - ETPRO MOBILE_MALWARE Android/MTK.M Checkin
(mobile_malware.rules)
  2842006 - ETPRO MOBILE_MALWARE Android/Huirw.A Checkin
(mobile_malware.rules)
  2842007 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Jocker.t Checkin
(mobile_malware.rules)
  2842008 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Anubis /
Cerberus-W Checkin (mobile_malware.rules)
  2842009 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Anubis /
Cerberus-W Checkin 2 (mobile_malware.rules)
  2842010 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Jocker.z Checkin
(mobile_malware.rules)
  2842011 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Jocker.ae Checkin
(mobile_malware.rules)
  2842012 - ETPRO TROJAN Possible Gamaredon APT External Template Request
for .dot (trojan.rules)
  2842013 - ETPRO TROJAN Possible Unk.MSIL/Agent.BLR Keep-Alive (Outbound)
(trojan.rules)
  2842014 - ETPRO TROJAN Possible Unk.MSIL/Agent.BLR Keep-Alive (Inbound)
(trojan.rules)
  2842015 - ETPRO CURRENT_EVENTS Successful Hulu Phish 2020-04-14
(current_events.rules)
  2842016 - ETPRO CURRENT_EVENTS Successful Santander Phish 2020-04-14
(current_events.rules)
  2842017 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2020-04-14
(current_events.rules)
  2842018 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2020-04-14
(current_events.rules)
  2842019 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-04-14 1) (trojan.rules)
  2842020 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-04-14 2) (trojan.rules)
  2842021 - ETPRO CURRENT_EVENTS Successful Outlook Web App Phish
2020-04-14 (current_events.rules)
  2842022 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2020-04-14
(current_events.rules)
  2842023 - ETPRO CURRENT_EVENTS Successful ICS Phish 2020-04-14
(current_events.rules)
  2842024 - ETPRO CURRENT_EVENTS Successful Chase Phish 2020-04-14
(current_events.rules)
  2842025 - ETPRO TROJAN Win32/Filecoder.OAY Variant Host Checkin
(trojan.rules)
  2842026 - ETPRO TROJAN Win32/DllInject.HS Variant (trojan.rules)
  2842027 - ETPRO TROJAN SSL/TLS Certificate Observed (JSSLoader)
(trojan.rules)
  2842028 - ETPRO TROJAN JSSLoader CnC Host Checkin (trojan.rules)
  2842029 - ETPRO TROJAN Common PowerShell Backdoor Structure Inbound
(trojan.rules)
  2842030 - ETPRO TROJAN Win32/Crypt.FKM CnC Checkin (trojan.rules)
  2842031 - ETPRO TROJAN Win32/Crypt.FKM CnC Response (trojan.rules)

Date:
Summary title:
14 new Open, 41 new Pro (14 + 27). DCRat, Redkeeper, Various Android, Various Phish, Others.