[***]            Summary:            [***]

7 new OPEN, 18 new PRO (7 + 11). GoldenSpy, Rovnix, RHttpCtrl, BlackMoon, Kwapi, VARIOUS PHISHING.

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

  2030392 - ET POLICY Suspicious Terse Request for .pif (policy.rules)
  2030393 - ET TROJAN Unk.PowerShell Reporting System Information
(trojan.rules)
  2030394 - ET TROJAN GoldenSpy CnC Activity (trojan.rules)
  2030395 - ET TROJAN Rovnix CnC Domain in DNS Query (trojan.rules)
  2030396 - ET TROJAN GoldenSpy CnC Activity (trojan.rules)
  2030397 - ET TROJAN RHttpCtrl Backdoor CnC (trojan.rules)
  2030398 - ET TROJAN RCtrl Backdoor CnC Checkin M2 (trojan.rules)

Pro:

  2843190 - ETPRO TROJAN BlackMoonRAT CnC Checkin (trojan.rules)
  2843191 - ETPRO TROJAN BlackMoonRAT CnC Keep-Alive (Outbound)
(trojan.rules)
  2843192 - ETPRO TROJAN Observed Malicious SSL Cert (Get2 CnC)
(trojan.rules)
  2843193 - ETPRO CURRENT_EVENTS Successful WeTransfer Phish 2020-06-25
(current_events.rules)
  2843194 - ETPRO CURRENT_EVENTS Successful AOL Phish 2020-06-25
(current_events.rules)
  2843195 - ETPRO CURRENT_EVENTS Successful Societe Generale Phish
2020-06-25 (current_events.rules)
  2843196 - ETPRO CURRENT_EVENTS Successful TIM Phish 2020-06-25
(current_events.rules)
  2843197 - ETPRO TROJAN MSIL/Filecoder.AAJ Variant CnC Host Checkin
(trojan.rules)
  2843198 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-06-25 1) (trojan.rules)
  2843199 - ETPRO TROJAN Win32/Kwapi CnC Checkin (trojan.rules)
  2843200 - ETPRO TROJAN Win32/Remcos RAT Checkin 469 (trojan.rules)

[///]     Modified active rules:     [///]

2823676 - ETPRO TROJAN Win32 QuasarRAT 1.3/VenomRAT Connectivity Check
(trojan.rules)