Daily Ruleset Update Summary 2020/10/05

[***] Summary: [***]

3 new OPEN, 28 new PRO (3 + 25). MosaicRegressor, Win32/EvolvedThief, Win32/SantaCrypt Ransomware, Bazaloader, Win32/Remcos, HAKOPS Keylogger, VARIOUS PHISH.

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++] Added rules: [+++]

Open:

2008052 - ET USER_AGENTS User-Agent (Internet Explorer)
(user_agents.rules)
2030962 - ET TROJAN Observed FinSpy Domain (browserupdate .download in
TLS SNI) (trojan.rules)
2030963 - ET TROJAN Observed Malicious SSL Cert (MosaicRegressor WinHTTP
Downloader) (trojan.rules)

Pro:

2814890 - ETPRO MALWARE Win32/Toolbar.MyWebSearch.Z Variant Checkin
(malware.rules)
2844758 - ETPRO TROJAN Win32/EvolvedThief CnC Checkin (trojan.rules)
2844759 - ETPRO TROJAN Likely Evil External Template Request for .dot
from NOIPDynDNS (trojan.rules)
2844760 - ETPRO TROJAN Win32/SantaCrypt Ransomware CnC Checkin via
Telegram (trojan.rules)
2844761 - ETPRO CURRENT_EVENTS MalDoc Retrieving Payload 2020-10-05
(current_events.rules)
2844762 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-10-03 1) (trojan.rules)
2844763 - ETPRO TROJAN SSL/TLS Certificate Observed (Bazaloader)
(trojan.rules)
2844764 - ETPRO TROJAN SSL/TLS Certificate Observed (Bazaloader)
(trojan.rules)
2844765 - ETPRO TROJAN Possible Bazaloader CnC Activity M1 (trojan.rules)
2844766 - ETPRO TROJAN Possible Bazaloader CnC Activity M2 (trojan.rules)
2844767 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2020-10-05 (current_events.rules)
2844768 - ETPRO CURRENT_EVENTS Successful NAB Phish 2020-10-05
(current_events.rules)
2844769 - ETPRO CURRENT_EVENTS Successful Generic Banking Phish
2020-10-05 (current_events.rules)
2844770 - ETPRO CURRENT_EVENTS Successful Docusign Phish 2020-10-05
(current_events.rules)
2844771 - ETPRO CURRENT_EVENTS Successful Generic Webmail Phish
2020-10-05 (current_events.rules)
2844772 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2020-10-05 (current_events.rules)
2844773 - ETPRO CURRENT_EVENTS Successful Netflix Phish 2020-10-05
(current_events.rules)
2844774 - ETPRO CURRENT_EVENTS Possible Successful Phish Hosted on
Beget.Tech (current_events.rules)
2844775 - ETPRO TROJAN Win32/Pterodo.AEZ CnC Host Checkin (trojan.rules)
2844776 - ETPRO TROJAN Win64/Derusbi CnC Checkin M1 (trojan.rules)
2844777 - ETPRO TROJAN Win64/Derusbi CnC Checkin M2 (trojan.rules)
2844778 - ETPRO TROJAN Win32/Remcos RAT Checkin 551 (trojan.rules)
2844779 - ETPRO TROJAN Win32/Remcos RAT Checkin 552 (trojan.rules)
2844780 - ETPRO TROJAN Win32/Remcos RAT Checkin 553 (trojan.rules)
2844781 - ETPRO TROJAN HAKOPS Keylogger Activity via SMTP (trojan.rules)

[///] Modified active rules: [///]

2013193 - ET MOBILE_MALWARE Android.CruseWin Retriving XML File from Hard
Coded CnC (mobile_malware.rules)
2017599 - ET TROJAN W32.Nemim Checkin (trojan.rules)
2018022 - ET TROJAN Possible Win32/Dimegup.A Downloading Image Common URI
Struct (trojan.rules)
2018554 - ET TROJAN Putter Panda HTTPClient CnC HTTP Request
(trojan.rules)
2019510 - ET MOBILE_MALWARE Android/Koler.C Checkin (mobile_malware.rules)
2020089 - ET TROJAN Win32/Htbot.B Checkin (trojan.rules)
2020891 - ET TROJAN Operation Buhtrap CnC Beacon 2 (trojan.rules)
2021723 - ET TROJAN AlphaCrypt CnC Beacon 3 (trojan.rules)
2021744 - ET TROJAN Win32/Reconyc.equo Checkin (trojan.rules)
2021775 - ET TROJAN AlphaCrypt Connectivity Check 1 (trojan.rules)
2021786 - ET CURRENT_EVENTS Unknown Malicious Second Stage Download URI
Struct Sept 15 2015 (current_events.rules)
2021922 - ET TROJAN StartPage Userclass HTTP Request (trojan.rules)
2021928 - ET MOBILE_MALWARE Android/Kemoge Checkin (mobile_malware.rules)
2022007 - ET TROJAN MWI Maldoc Load Payload (trojan.rules)
2022091 - ET TROJAN Trojan-Ransom.Win32.Blocker.dham Checkin
(trojan.rules)
2022127 - ET TROJAN MegalodonHTTP/LuciferHTTP Client Action (trojan.rules)
2022137 - ET MOBILE_MALWARE Trojan-Banker.AndroidOS.Acecard.c Checkin
(mobile_malware.rules)
2022146 - ET TROJAN Matryoshka CnC Beacon 1 (trojan.rules)
2022222 - ET POLICY External IP Lookup ip2nation.com (policy.rules)
2022243 - ET SCAN COMMIX Command injection scan attempt (scan.rules)
2022263 - ET EXPLOIT Joomla RCE M2 (Serialized PHP in UA) (exploit.rules)
2022264 - ET INFO Possible MSXMLHTTP Request (exe) unset (no exe)
(info.rules)
2022265 - ET INFO Possible MSXMLHTTP Request (msi) unset (no exe)
(info.rules)
2022266 - ET INFO Possible MSXMLHTTP Request (msp) unset (no exe)
(info.rules)
2022268 - ET EXPLOIT Joomla RCE M3 (Serialized PHP in XFF) (exploit.rules)
2022270 - ET TROJAN Possible Evil Macro Downloading Trojan Dec 16 2015
Post to EXE (trojan.rules)
2022296 - ET POLICY IOS Download from Vshare Marketplace (Possible
DarkSideLoading) (policy.rules)
2022297 - ET POLICY Android Download from Vshare Marketplace (Possible
DarkSideLoading) (policy.rules)
2022334 - ET TROJAN Malicious VBS Downloader fake image zip (trojan.rules)
2022348 - ET WEB_SERVER WEBSHELL JSP/Backdoor Shell Access
(web_server.rules)
2022359 - ET WEB_SERVER WEBSHELL Linux/Torte Uploaded (web_server.rules)
2022368 - ET POLICY External IP Lookup - ip.tyk.nu (policy.rules)
2022374 - ET WEB_CLIENT Suspicious LastPass URI Structure - Possible
Phishing (web_client.rules)
2022405 - ET POLICY External IP Lookup - meuip.net.br (policy.rules)
2022493 - ET CURRENT_EVENTS Evil Redirector Leading to EK Feb 05 2016
(current_events.rules)
2022494 - ET TROJAN Win32/LockScreen CnC HTTP Pattern (trojan.rules)
2022495 - ET TROJAN Win32/HydraCrypt CnC Beacon 1 (trojan.rules)
2022681 - ET TROJAN Win32.TreasureHunter Checkin (trojan.rules)
2030117 - ET TROJAN Ragnarok Ransomware CnC Activity M2 (trojan.rules)
2805882 - ETPRO MOBILE_MALWARE Android/JSmsHider.B Checkin
(mobile_malware.rules)
2806160 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Fakengry.d Checkin
(mobile_malware.rules)
2806161 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.i Checkin
(mobile_malware.rules)
2806651 - ETPRO MOBILE_MALWARE Android/Spy.Agent.I Checkin
(mobile_malware.rules)
2806750 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Fakengry.b Checkin
(mobile_malware.rules)
2807422 - ETPRO TROJAN Likely APT HTTPBrowser Checkin (trojan.rules)
2808270 - ETPRO TROJAN Win32.Trojan.Hijacker.Akym Checkin (trojan.rules)
2808567 - ETPRO TROJAN Trojan.Zbot Download (trojan.rules)
2808646 - ETPRO TROJAN W32/GovRAT Checkin (trojan.rules)
2808918 - ETPRO MOBILE_MALWARE Android/SMSreg.BI Checkin
(mobile_malware.rules)
2808940 - ETPRO MOBILE_MALWARE AndroidOS.Wintertiger.A Checkin
(mobile_malware.rules)
2809323 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Agent.u Checkin
(mobile_malware.rules)
2809476 - ETPRO MOBILE_MALWARE Android.Riskware.SmsPay.BP Checkin
(mobile_malware.rules)
2810076 - ETPRO TROJAN Infostealer.Bancos Checking (trojan.rules)
2810120 - ETPRO TROJAN Bandook Retrieving Payloads set (trojan.rules)
2810121 - ETPRO TROJAN Bandook Retrieving Payloads (trojan.rules)
2811887 - ETPRO TROJAN Python/Peppy RAT Connectivity Check to C2
(trojan.rules)
2812160 - ETPRO TROJAN Win32/Glodbrom.A/Ohagi Checkin (trojan.rules)
2812307 - ETPRO TROJAN Sefnit CnC Beacon 2 (trojan.rules)
2812701 - ETPRO TROJAN Arid Viper APT Checkin 3 (trojan.rules)
2812731 - ETPRO TROJAN Unknown Banker Dropper Checkin (trojan.rules)
2812736 - ETPRO TROJAN Win32.Bedep.dvr Beacon (trojan.rules)
2812749 - ETPRO MOBILE_MALWARE Android/AdDisplay.Feiwo.D Checkin
(mobile_malware.rules)
2812774 - ETPRO TROJAN Aibatook/Speccom/Vehidis CnC Beacon (trojan.rules)
2812781 - ETPRO TROJAN VBE Bancos Download (trojan.rules)
2812789 - ETPRO TROJAN Tofsee Spambot Retrieving Config (trojan.rules)
2812792 - ETPRO MOBILE_MALWARE Android.Trojan.SMSSend.KF Checkin
(mobile_malware.rules)
2812854 - ETPRO MOBILE_MALWARE Android.Adware.Youmi.A Checkin 3
(mobile_malware.rules)
2812948 - ETPRO MOBILE_MALWARE RiskTool.AndroidOS.SMSreg.gl Checkin
(mobile_malware.rules)
2812953 - ETPRO MOBILE_MALWARE Android.Adware.Adwo.A Checkin 3
(mobile_malware.rules)
2812954 - ETPRO MOBILE_MALWARE Android.Adware.Adwo.A Checkin 4
(mobile_malware.rules)
2812955 - ETPRO MOBILE_MALWARE Android.Adware.Adwo.A Checkin 5
(mobile_malware.rules)
2812959 - ETPRO MOBILE_MALWARE Android/AdDisplay.Becou.A Checkin
(mobile_malware.rules)
2812964 - ETPRO TROJAN Win32.Agent.nerwrv Checkin (trojan.rules)
2812970 - ETPRO TROJAN Luhe.MalMSIL.A Checkin POST (trojan.rules)
2812973 - ETPRO TROJAN PSW.Papras.EH Variant Checkin (trojan.rules)
2813006 - ETPRO MOBILE_MALWARE Android/HiddenApp.D Checkin 3
(mobile_malware.rules)
2813007 - ETPRO TROJAN Possible Win32/CMSBrute Traffic (trojan.rules)
2813027 - ETPRO TROJAN Gozi/Ursnif CnC Beacon (trojan.rules)
2813046 - ETPRO MOBILE_MALWARE RiskTool.AndroidOS.SMSreg.du Checkin 3
(mobile_malware.rules)
2813055 - ETPRO MOBILE_MALWARE RiskTool.AndroidOS.SMSreg.dw Checkin 3
(mobile_malware.rules)
2813056 - ETPRO MOBILE_MALWARE Android/Ksapp.L Checkin 2
(mobile_malware.rules)
2813074 - ETPRO TROJAN Trojan-Ransom.NSIS.Onion.hii CnC Beacon
(trojan.rules)
2814023 - ETPRO MOBILE_MALWARE Trojan-Downloader.AndroidOS.Leech.a
Checkin 2 (mobile_malware.rules)
2814030 - ETPRO TROJAN W32/Quasar RAT Connectivity Check 2 (trojan.rules)
2814048 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Agent.sn Checkin
(mobile_malware.rules)
2814050 - ETPRO TROJAN Spy.Shiz HTTP CnC Beacon M1 (trojan.rules)
2814066 - ETPRO MOBILE_MALWARE Android.Trojan.Koler.D HTTP Checkin 2
(mobile_malware.rules)
2814088 - ETPRO TROJAN Win32/TrojanDownloader.Agent.RRR CnC Beacon
(trojan.rules)
2814095 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Levida.a Checkin
(mobile_malware.rules)
2814115 - ETPRO TROJAN W32/Nugg HTTP Headers (trojan.rules)
2814120 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Agent.aw Checkin
(mobile_malware.rules)
2814129 - ETPRO POLICY External IP Address Check - pr-cy.ru (policy.rules)
2814150 - ETPRO TROJAN Vawtrak Fake HTTP 403 Response (trojan.rules)
2814230 - ETPRO MOBILE_MALWARE Android/TrojanSMS.Agent.UD Checkin
(mobile_malware.rules)
2814243 - ETPRO POLICY 7+ Taskbar Tweaker Checkin (policy.rules)
2814266 - ETPRO MOBILE_MALWARE RiskTool.AndroidOS.SMSreg.di Checkin
(mobile_malware.rules)
2814267 - ETPRO MOBILE_MALWARE Android.Riskware.SmsPay.G Checkin
(mobile_malware.rules)
2814270 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.de Response
- SET (mobile_malware.rules)
2814300 - ETPRO MOBILE_MALWARE Android.Adware.Wapsx.A Checkin 6
(mobile_malware.rules)
2814313 - ETPRO MOBILE_MALWARE Android/Clicker.D Checkin
(mobile_malware.rules)
2814326 - ETPRO MOBILE_MALWARE Android GhostPush Checkin
(mobile_malware.rules)
2814329 - ETPRO MOBILE_MALWARE Android GhostPush Checkin 4
(mobile_malware.rules)
2814330 - ETPRO MOBILE_MALWARE Android GhostPush Checkin 5
(mobile_malware.rules)
2814332 - ETPRO MOBILE_MALWARE Android OIMobi Checkin 2
(mobile_malware.rules)
2814337 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Rootnik.g Checkin
(mobile_malware.rules)
2814353 - ETPRO TROJAN HDRoot Downloader Dropping EXE (trojan.rules)
2814354 - ETPRO MOBILE_MALWARE Android.Trojan.SMSSend.ABJ Checkin
(mobile_malware.rules)
2814355 - ETPRO MOBILE_MALWARE Android/SMSreg.PF Checkin
(mobile_malware.rules)
2814373 - ETPRO TROJAN MSIL/Agent.AEO Variant CnC Activity (trojan.rules)
2814439 - ETPRO TROJAN Sharik/Smoke CnC Beacon 5 (trojan.rules)
2814478 - ETPRO MOBILE_MALWARE Android.Riskware.SmsPay.IN Checkin
(mobile_malware.rules)
2814491 - ETPRO MOBILE_MALWARE Android.Riskware.Agent.gXYUI Checkin
(mobile_malware.rules)
2814542 - ETPRO POLICY WebBar PUA IP Lookup (policy.rules)
2814565 - ETPRO TROJAN Win32/Zacom CnC Beacon 1 (trojan.rules)
2814589 - ETPRO TROJAN WIN32/KOVTER CnC Beacon (trojan.rules)
2814613 - ETPRO MOBILE_MALWARE PUP Android SmsSpoofer-AC Checkin
(mobile_malware.rules)
2814620 - ETPRO MOBILE_MALWARE Android/TrojanDownloader.FakeInst.CK
Checkin (mobile_malware.rules)
2814622 - ETPRO TROJAN Win32/Skeeyah.A Variant Conn Check (trojan.rules)
2814650 - ETPRO MOBILE_MALWARE Android/TrojanDropper.Agent.CT Checkin
(mobile_malware.rules)
2814671 - ETPRO TROJAN Bandook Retrieving Payload (cap) (trojan.rules)
2814672 - ETPRO TROJAN Bandook Retrieving Payload (tv) (trojan.rules)
2814693 - ETPRO TROJAN Pirpi CnC Beacon (trojan.rules)
2814720 - ETPRO MOBILE_MALWARE Android.Yzhc.A Checkin
(mobile_malware.rules)
2814746 - ETPRO MOBILE_MALWARE Android.Trojan.AutoSMS.IP Checkin
(mobile_malware.rules)
2814748 - ETPRO MOBILE_MALWARE Android.Riskware.Agent.gXAMO Checkin 2
(mobile_malware.rules)
2814753 - ETPRO TROJAN Win32.Unknown PAC Download (Possible AU Bank
Fraud) (trojan.rules)
2814777 - ETPRO MOBILE_MALWARE Android.Riskware.Agent.gVOD Checkin
(mobile_malware.rules)
2814820 - ETPRO MOBILE_MALWARE Monitor.AndroidOS.Reptilic.a Checkin
(mobile_malware.rules)
2814864 - ETPRO MOBILE_MALWARE PUP Android/Anydown.J Checkin
(mobile_malware.rules)
2814865 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Agent.xd Checkin
(mobile_malware.rules)
2814911 - ETPRO MOBILE_MALWARE Android/Agent.OQ Checkin
(mobile_malware.rules)
2814930 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Opfake.a Checkin 14
(mobile_malware.rules)
2814933 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Agent.s Checkin
(mobile_malware.rules)
2814940 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.FakeInst.ei Checkin
(mobile_malware.rules)
2814964 - ETPRO MOBILE_MALWARE Android/Kemoge Checkin 3
(mobile_malware.rules)
2815124 - ETPRO TROJAN Trojan.Crypt.Delf.X Upload (trojan.rules)
2815130 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.FakeInst.hq Checkin
(mobile_malware.rules)
2815157 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Rootnik.i Checkin 2
(mobile_malware.rules)
2815176 - ETPRO TROJAN Likely Kovter Retrieving Additional Payload
(trojan.rules)
2815231 - ETPRO MOBILE_MALWARE Monitor.AndroidOS.Norex.a Checkin 2
(mobile_malware.rules)
2815232 - ETPRO MOBILE_MALWARE Monitor.AndroidOS.Norex.a Checkin 3
(mobile_malware.rules)
2815279 - ETPRO TROJAN Possible Chimera Ransomware - Ransom Message
Background GET Request (trojan.rules)
2815285 - ETPRO TROJAN Dexter POS CnC Beacon (trojan.rules)
2815354 - ETPRO POLICY RemoteMouse Update Request (policy.rules)
2815358 - ETPRO MOBILE_MALWARE Android.Trojan.HiddenApp.EN Checkin
(mobile_malware.rules)
2815363 - ETPRO TROJAN Win32/Qbot/Quakbot Checkin via HTTP POST
(trojan.rules)
2815372 - ETPRO MOBILE_MALWARE Android.Riskware.SmsPay.JA Checkin
(mobile_malware.rules)
2815373 - ETPRO MOBILE_MALWARE Android.Riskware.SmsPay.JA Checkin 2
(mobile_malware.rules)
2815382 - ETPRO TROJAN Win32/Delf Variant Checkin (trojan.rules)
2815384 - ETPRO MOBILE_MALWARE RiskTool.AndroidOS.CallPay.e Checkin
(mobile_malware.rules)
2815391 - ETPRO MOBILE_MALWARE Android/Spy.Agent.QW Checkin
(mobile_malware.rules)
2815392 - ETPRO MOBILE_MALWARE Android/Spy.Agent.QW Checkin 2
(mobile_malware.rules)
2815411 - ETPRO TROJAN Trojan-Ransomware Radamant Fetch Domain
(trojan.rules)
2815432 - ETPRO TROJAN Emissary CnC Beacon M2 (trojan.rules)
2815433 - ETPRO TROJAN Emissary External IP Check (trojan.rules)
2815521 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Seldor.d Checkin 3
(mobile_malware.rules)
2815526 - ETPRO MOBILE_MALWARE Android/Qdplugin.A Checkin 3
(mobile_malware.rules)
2815560 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Triada.d Checkin 2
(mobile_malware.rules)
2815561 - ETPRO MOBILE_MALWARE Android/FakeBank.AB Checkin
(mobile_malware.rules)
2815605 - ETPRO TROJAN Inexsmar/Darkhotel Stage1 CnC Beacon (trojan.rules)
2815612 - ETPRO MOBILE_MALWARE Android/AdDisplay.Shixot.A Checkin
(mobile_malware.rules)
2815635 - ETPRO MOBILE_MALWARE AdWare.AndroidOS.Apofer.a Checkin
(mobile_malware.rules)
2815636 - ETPRO MOBILE_MALWARE Android/Agent.FZ Checkin
(mobile_malware.rules)
2815644 - ETPRO TROJAN Win32/Jongiti.A Checkin 1 (trojan.rules)
2815645 - ETPRO TROJAN Win32/Jongiti.A Checkin 2 (trojan.rules)
2815646 - ETPRO MOBILE_MALWARE Android.Riskware.SmsPay.D Checkin 2
(mobile_malware.rules)
2815656 - ETPRO MOBILE_MALWARE Android.Trojan.AndroRAT.A Checkin
(mobile_malware.rules)
2815672 - ETPRO TROJAN Inexsmar/Darkhotel Stage1 Checkin 2 (trojan.rules)
2815682 - ETPRO MOBILE_MALWARE Android.Trojan.InfoStealer.FT Checkin
(mobile_malware.rules)
2815683 - ETPRO MOBILE_MALWARE Android.Trojan.InfoStealer.FT Checkin 2
(mobile_malware.rules)
2815731 - ETPRO MOBILE_MALWARE Android/MTK.B Checkin
(mobile_malware.rules)
2815837 - ETPRO TROJAN Rekaf Checkin (trojan.rules)
2815846 - ETPRO POLICY External IP Lookup dns-free.com (policy.rules)
2815875 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Tiny.ag Checkin 2
(mobile_malware.rules)
2815944 - ETPRO TROJAN LDPinch Checkin HTTP Post 2 (trojan.rules)
2815975 - ETPRO WEB_SPECIFIC_APPS WP Appointment Booking Calendar SQLi
Attempt (web_specific_apps.rules)
2815988 - ETPRO WEB_SERVER Possible CVE 2016-0752 Log Tainting Attempt
(web_server.rules)
2815993 - ETPRO TROJAN Win32/Jongiti.A Checkin 3 (trojan.rules)
2816028 - ETPRO TROJAN MiniDuke CnC Beacon (trojan.rules)
2816029 - ETPRO TROJAN Win32/OnionDuke CnC Beacon (trojan.rules)
2816033 - ETPRO TROJAN Python/Rozena.E Connectivity Check (trojan.rules)
2816054 - ETPRO TROJAN Win32/Uloz Botnet CnC Checkin (trojan.rules)
2816091 - ETPRO TROJAN PlasmaRAT Variant Checkin (trojan.rules)
2816105 - ETPRO TROJAN Chinoxy GET CnC Beacon (trojan.rules)
2816122 - ETPRO TROJAN Win32/Agent.XSE CnC Host Checkin (trojan.rules)
2816147 - ETPRO TROJAN Backdoor.Mizzmo Checkin 5 (trojan.rules)
2816149 - ETPRO MOBILE_MALWARE Android.Trojan.InfoStealer.FY Checkin
(mobile_malware.rules)
2816151 - ETPRO TROJAN Backdoor.Mizzmo Checkin 3 (trojan.rules)
2816153 - ETPRO TROJAN Chute CnC Beacon (trojan.rules)
2816168 - ETPRO MOBILE_MALWARE Android.Trojan.HiddenApp.XXS Checkin
(mobile_malware.rules)
2816184 - ETPRO MOBILE_MALWARE Android.Trojan.Deviceadmin.Auto Checkin
(mobile_malware.rules)
2816185 - ETPRO MOBILE_MALWARE Android.Trojan.Deviceadmin.Auto Checkin 2
(mobile_malware.rules)
2816225 - ETPRO TROJAN Win32/HydraCrypt Ransom Image GET (trojan.rules)
2816300 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.ii Checkin
(mobile_malware.rules)
2816301 - ETPRO TROJAN Win32/Evotob.B CnC (trojan.rules)
2816308 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.fw Checkin
(mobile_malware.rules)
2816311 - ETPRO TROJAN W32/Banload CnC (trojan.rules)
2816325 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Ciban.a Checkin
(mobile_malware.rules)
2816326 - ETPRO MOBILE_MALWARE Android/AdDisplay.Kuguo.AA Checkin
(mobile_malware.rules)
2816341 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Hqwar.j Checkin
(mobile_malware.rules)
2816342 - ETPRO MOBILE_MALWARE Trojan-Downloader.AndroidOS.Agent.bm
Checkin (mobile_malware.rules)
2816355 - ETPRO MOBILE_MALWARE Android.Monitor.SpyApp.D Checkin
(mobile_malware.rules)
2816376 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.ip Checkin
(mobile_malware.rules)
2816387 - ETPRO MOBILE_MALWARE Trojan-Dropper.AndroidOS.Guerrilla.pac
Checkin (mobile_malware.rules)
2816603 - ETPRO WEB_SERVER Jetspeed Create User HTTP Request
(CVE-2016-0710) (web_server.rules)
2816616 - ETPRO MOBILE_MALWARE Trojan-Clicker.AndroidOS.Simpo.l
Downloading .js File (mobile_malware.rules)
2816622 - ETPRO TROJAN W32/Syndicasec.Backdoor Downloader CnC Beacon 2
(trojan.rules)
2816636 - ETPRO TROJAN MSIL/JScriptDownloader Retrieving Payload
(trojan.rules)
2816638 - ETPRO WEB_SPECIFIC_APPS WP Ultimate Exporter Plugin SQLi
Attempt (web_specific_apps.rules)
2816651 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Tordow.pac Checkin
(mobile_malware.rules)
2816654 - ETPRO TROJAN MSIL/Agent.AJN Variant Checkin (trojan.rules)
2816663 - ETPRO TROJAN Suspicious Terse Download Request to kuwaiti.co
(trojan.rules)
2816743 - ETPRO TROJAN TDrop2 CnC Beacon 1 (trojan.rules)
2816797 - ETPRO MOBILE_MALWARE Android/SMSreg.SP Checkin
(mobile_malware.rules)
2816803 - ETPRO MOBILE_MALWARE Trojan-Ransom.AndroidOS.Kisok.a Checkin
(mobile_malware.rules)
2843937 - ETPRO TROJAN Ragnarok Ransomware CnC Activity M3 (trojan.rules)

[---] Disabled and modified rules: [---]

2018685 - ET TROJAN Win32/Aibatook checkin (trojan.rules)
2021718 - ET TROJAN Bedep HTTP POST CnC Beacon 2 (trojan.rules)
2021737 - ET MOBILE_MALWARE Trojan.iPhoneOS.KeyRaider Checkin
(mobile_malware.rules)
2021738 - ET MOBILE_MALWARE Trojan.iPhoneOS.KeyRaider Checkin 2
(mobile_malware.rules)
2021790 - ET TROJAN Iron Tiger Backdoor.GCloud CnC Beacon (trojan.rules)
2021812 - ET TROJAN Ursnif Variant CnC Beacon 2 (trojan.rules)
2021851 - ET TROJAN Ransomware Win32/WinPlock.A CnC Beacon 1
(trojan.rules)
2021855 - ET TROJAN Ransomware Win32/WinPlock.A CnC Beacon 4
(trojan.rules)
2021856 - ET TROJAN Ransomware Win32/WinPlock.A CnC Beacon 5
(trojan.rules)
2021857 - ET TROJAN Ransomware Win32/WinPlock.A CnC Beacon 6
(trojan.rules)
2021858 - ET TROJAN Ransomware Win32/WinPlock.A CnC Beacon 7
(trojan.rules)
2021859 - ET TROJAN Ransomware Win32/WinPlock.A CnC Beacon 8
(trojan.rules)
2021860 - ET TROJAN Ransomware Win32/WinPlock.A CnC Beacon 9
(trojan.rules)
2021861 - ET TROJAN Ransomware Win32/WinPlock.A CnC Beacon 10
(trojan.rules)
2021862 - ET TROJAN Ransomware Win32/WinPlock.A CnC Beacon 11
(trojan.rules)
2021900 - ET MOBILE_MALWARE YiSpecter Activity M1 (mobile_malware.rules)
2021901 - ET MOBILE_MALWARE YiSpecter Activity M2 (mobile_malware.rules)
2022020 - ET TROJAN Likely Malvertising Malicious PE Download
(trojan.rules)
2022188 - ET TROJAN Win32/Scieron-A Checkin via HTTP POST 2 (trojan.rules)
2022282 - ET TROJAN Win32/ProPoS CnC Beacon (trojan.rules)
2022358 - ET TROJAN Linux/Torte Checkin (trojan.rules)
2022676 - ET TROJAN Ransomware/Coverton Checkin (trojan.rules)
2022677 - ET TROJAN Ransomware/Coverton CnC 1 (trojan.rules)
2022678 - ET TROJAN Ransomware/Coverton CnC 2 (trojan.rules)
2809932 - ETPRO TROJAN Wqlspy-A CnC Beacon 2 (trojan.rules)
2810731 - ETPRO MOBILE_MALWARE Android/Igexin.A Checkin
(mobile_malware.rules)
2812706 - ETPRO TROJAN Tinybaron HTTP CnC Beacon (trojan.rules)
2812769 - ETPRO MOBILE_MALWARE Monitor.AndroidOS.SpyBubble.a Checkin
(mobile_malware.rules)
2812856 - ETPRO MOBILE_MALWARE AdWare.AndroidOS.Mobisec Checkin
(mobile_malware.rules)
2812941 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Opfake.ce Checkin
(mobile_malware.rules)
2812943 - ETPRO TROJAN Win32/Banker.AOS Checkin (trojan.rules)
2812956 - ETPRO MOBILE_MALWARE Android.Adware.Adwo.A Checkin 6
(mobile_malware.rules)
2812960 - ETPRO MOBILE_MALWARE AdWare.AndroidOS.Xynyin.a Checkin 2
(mobile_malware.rules)
2812977 - ETPRO TROJAN Python Backdoor Variant CnC Beacon M2
(trojan.rules)
2812993 - ETPRO MOBILE_MALWARE RiskTool.AndroidOS.SMSreg.my Checkin
(mobile_malware.rules)
2813004 - ETPRO MOBILE_MALWARE Android/HiddenApp.D Checkin
(mobile_malware.rules)
2813005 - ETPRO MOBILE_MALWARE Android/HiddenApp.D Checkin 2
(mobile_malware.rules)
2813025 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.de Checkin 4
(mobile_malware.rules)
2813048 - ETPRO TROJAN Win32/Delfinject.gen!AN Checkin (trojan.rules)
2813091 - ETPRO TROJAN Unknown .NET Credstealer (trojan.rules)
2813096 - ETPRO MOBILE_MALWARE Trojan-Ransom.AndroidOS.Pletor.e Checkin
(mobile_malware.rules)
2814001 - ETPRO TROJAN Python/SandboxTester CnC Beacon M1 (trojan.rules)
2814002 - ETPRO TROJAN Python/SandboxTester CnC Beacon M2 (trojan.rules)
2814003 - ETPRO TROJAN Python/SandboxTester Sending Screenshot
(trojan.rules)
2814024 - ETPRO MOBILE_MALWARE Android/TrojanDownloader.Agent.DM Download
(mobile_malware.rules)
2814060 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmThief.es Checkin
(mobile_malware.rules)
2814062 - ETPRO TROJAN Win32/Kortor.A External IP Check (trojan.rules)
2814090 - ETPRO MOBILE_MALWARE Android/Locker.EW Checkin
(mobile_malware.rules)
2814111 - ETPRO TROJAN Vawtrak Retrieving Update (trojan.rules)
2814113 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ax Checkin 2
(mobile_malware.rules)
2814114 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Chyapo.b Checkin
(mobile_malware.rules)
2814118 - ETPRO MOBILE_MALWARE PUP Android/SMSreg.SI Checkin
(mobile_malware.rules)
2814128 - ETPRO POLICY External IP Address Check - speed-tester.info
(policy.rules)
2814140 - ETPRO TROJAN MSIL/Stimilina.F Checkin 2 (trojan.rules)
2814153 - ETPRO MOBILE_MALWARE Android/Fobus.Q Checkin
(mobile_malware.rules)
2814154 - ETPRO MOBILE_MALWARE DroidKungFu Checkin 7
(mobile_malware.rules)
2814160 - ETPRO TROJAN Win32/Pink.Flower External IP Address Check
(trojan.rules)
2814163 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Abacus.a Checkin
(mobile_malware.rules)
2814192 - ETPRO TROJAN Win32/Warood Sending Infection Report
(trojan.rules)
2814195 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Agent.ra Checkin
(mobile_malware.rules)
2814231 - ETPRO MOBILE_MALWARE Android/Uten.A Checkin 2
(mobile_malware.rules)
2814269 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.de Checkin 5
(mobile_malware.rules)
2814299 - ETPRO MOBILE_MALWARE Android/Spy.Agent.MT Checkin
(mobile_malware.rules)
2814304 - ETPRO TROJAN Win32/Banker.APD Checkin (trojan.rules)
2814305 - ETPRO MOBILE_MALWARE Android.Trojan.DDLight.N Checkin
(mobile_malware.rules)
2814314 - ETPRO TROJAN Win32/Agent.RJL Checkin (trojan.rules)
2814327 - ETPRO MOBILE_MALWARE Android GhostPush Checkin 2
(mobile_malware.rules)
2814341 - ETPRO TROJAN Terop Bot Checkin (trojan.rules)
2814369 - ETPRO TROJAN W32/Xtrat CnC Related To APT Connectivity Check (
microsoft.com) (trojan.rules)
2814378 - ETPRO MOBILE_MALWARE YiSpecter Checkin (mobile_malware.rules)
2814379 - ETPRO MOBILE_MALWARE YiSpecter Checkin 2 (mobile_malware.rules)
2814380 - ETPRO MOBILE_MALWARE YiSpecter Checkin 3 (mobile_malware.rules)
2814381 - ETPRO MOBILE_MALWARE YiSpecter Checkin 4 (mobile_malware.rules)
2814382 - ETPRO MOBILE_MALWARE YiSpecter Checkin 5 (mobile_malware.rules)
2814428 - ETPRO MOBILE_MALWARE Android GhostPush Checkin 6
(mobile_malware.rules)
2814430 - ETPRO MOBILE_MALWARE Android.Trojan.HiddenApp.BY Checkin
(mobile_malware.rules)
2814431 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ay Checkin
(mobile_malware.rules)
2814484 - ETPRO MOBILE_MALWARE Android.Riskware.SmsPay.DC Checkin
(mobile_malware.rules)
2814499 - ETPRO TROJAN Java/CoinWalletStealer CnC Beacon (trojan.rules)
2814512 - ETPRO TROJAN Unknown Banker Checkin 2 (trojan.rules)
2814524 - ETPRO MOBILE_MALWARE Android.Trojan.GoldenEagle.E Checkin
(mobile_malware.rules)
2814531 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Agent.dm Checkin
(mobile_malware.rules)
2814547 - ETPRO TROJAN Kawpfuni/Keydoor Checkin (trojan.rules)
2814548 - ETPRO TROJAN Win32.Crypmod.dbsjnq Conn Check (trojan.rules)
2814556 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Smaps.a Checkin 2
(mobile_malware.rules)
2814590 - ETPRO TROJAN WIN32/KOVTER Checkin (trojan.rules)
2814591 - ETPRO TROJAN Trojan.Bodegun.1 CnC get_func (trojan.rules)
2814592 - ETPRO TROJAN Trojan.Bodegun.1 CnC Beacon (trojan.rules)
2814593 - ETPRO TROJAN Trojan.Bodegun.1 Checkin (trojan.rules)
2814594 - ETPRO TROJAN Trojan.Bodegun.1 Checkin 2 (trojan.rules)
2814595 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Iop.f Checkin
(mobile_malware.rules)
2814596 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Iop.f Checkin 2
(mobile_malware.rules)
2814636 - ETPRO MOBILE_MALWARE Android.Adware.Mulad.AD Checkin
(mobile_malware.rules)
2814727 - ETPRO TROJAN Bmdoor Variant CnC Beacon 1 (trojan.rules)
2814737 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Smaps.a Checkin 3
(mobile_malware.rules)
2814739 - ETPRO POLICY Android Moplus SDK HTTP Server Receiving Daemon
Command (policy.rules)
2814747 - ETPRO MOBILE_MALWARE Android.Riskware.Agent.gXAMO Checkin
(mobile_malware.rules)
2814749 - ETPRO TROJAN Win32.PWS.Keyer Checkin (trojan.rules)
2814822 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.fg Checkin
(mobile_malware.rules)
2814847 - ETPRO MOBILE_MALWARE Android/Fobus.X Checkin 2
(mobile_malware.rules)
2814866 - ETPRO TROJAN Win32/Pifagor CMS Bruteforcer CnC Checkin
(trojan.rules)
2814881 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.FakeInst.hr Checkin
(mobile_malware.rules)
2814900 - ETPRO MOBILE_MALWARE Android/SMForw.GX Checkin
(mobile_malware.rules)
2814912 - ETPRO MOBILE_MALWARE Android/Agent.OQ Checkin 2
(mobile_malware.rules)
2814913 - ETPRO MOBILE_MALWARE Trojan.Android.Dialer.C Checkin
(mobile_malware.rules)
2814929 - ETPRO MOBILE_MALWARE AdWare.AndroidOS.Jedan.a Checkin
(mobile_malware.rules)
2814935 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Mobtes.c Checkin
(mobile_malware.rules)
2814941 - ETPRO MOBILE_MALWARE Android.Riskware.SMSSend.AY Checkin
(mobile_malware.rules)
2814993 - ETPRO MOBILE_MALWARE Android OIMobi Checkin 3
(mobile_malware.rules)
2815040 - ETPRO TROJAN Trojan.Win32.Fsysna.cjig Checkin (trojan.rules)
2815041 - ETPRO TROJAN Trojan.InstallCube.407 Checkin (trojan.rules)
2815066 - ETPRO MOBILE_MALWARE Trojan-Ransom.AndroidOS.Pletor.e Checkin
(mobile_malware.rules)
2815082 - ETPRO MOBILE_MALWARE AndroidOS/Agent.PS Checkin
(mobile_malware.rules)
2815094 - ETPRO TROJAN Likely Exploit SWF Beacon Requesting PE
(trojan.rules)
2815095 - ETPRO MOBILE_MALWARE Android/TrojanSMS.Agent.AVF Checkin 2
(mobile_malware.rules)
2815136 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Fakengry.d Checkin 2
(mobile_malware.rules)
2815158 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ff Checkin 3
(mobile_malware.rules)
2815184 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ff Checkin 4
(mobile_malware.rules)
2815190 - ETPRO TROJAN W32/Sofacy Variant (CHOPSTICK) CnC 2 (trojan.rules)
2815191 - ETPRO TROJAN W32/Sofacy Variant (CHOPSTICK) CnC 2 (trojan.rules)
2815290 - ETPRO TROJAN Backdoor.Cadelspy Checkin 2 (trojan.rules)
2815327 - ETPRO MOBILE_MALWARE RiskTool.AndroidOS.SMSreg.jl Checkin
(mobile_malware.rules)
2815337 - ETPRO TROJAN Win32/LockScreen CnC Beacon 3 (trojan.rules)
2815381 - ETPRO TROJAN Win32/Python.Convoo.A External IP Check
(trojan.rules)
2815410 - ETPRO TROJAN Trojan-Ransomware Radamant Checkin (trojan.rules)
2815412 - ETPRO TROJAN Trojan-Ransomware Radamant Fetch Mask
(trojan.rules)
2815441 - ETPRO TROJAN Elmer CnC Beacon 1 (trojan.rules)
2815462 - ETPRO TROJAN Win32/Megalodon Conn Check (trojan.rules)
2815486 - ETPRO MOBILE_MALWARE Android OIMobi Checkin 4
(mobile_malware.rules)
2815488 - ETPRO MOBILE_MALWARE Android OIMobi Checkin 6
(mobile_malware.rules)
2815489 - ETPRO MOBILE_MALWARE Android.Trojan.MMarketPay.E Checkin
(mobile_malware.rules)
2815491 - ETPRO MOBILE_MALWARE Android.Fjcon.B Checkin 2
(mobile_malware.rules)
2815520 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Seldor.d Checkin 2
(mobile_malware.rules)
2815525 - ETPRO MOBILE_MALWARE Android/Qdplugin.A Checkin 2
(mobile_malware.rules)
2815603 - ETPRO TROJAN Win32.Nitol.K Variant Checkin 1 (trojan.rules)
2815604 - ETPRO TROJAN Inexsmar/Darkhotel Stage1 Checkin (trojan.rules)
2815607 - ETPRO TROJAN Inexsmar/Darkhotel Stage2 CnC Beacon (trojan.rules)
2815609 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ff Checkin 5
(mobile_malware.rules)
2815613 - ETPRO MOBILE_MALWARE Android/Adware.AdsWo.A Checkin 2
(mobile_malware.rules)
2815654 - ETPRO TROJAN Win32/Agent.XOA Checkin 2 (trojan.rules)
2815655 - ETPRO TROJAN Win32/Agent.XOA Checkin 3 (trojan.rules)
2815687 - ETPRO CURRENT_EVENTS DRIVEBY Possible Status Report M1
(current_events.rules)
2815689 - ETPRO CURRENT_EVENTS DRIVEBY Possible Error Report (generic)
(current_events.rules)
2815776 - ETPRO TROJAN Win32/Micrass.B CnC Beacon (trojan.rules)
2815838 - ETPRO TROJAN Rekaf CnC Beacon 1 (trojan.rules)
2815839 - ETPRO TROJAN Rekaf CnC Beacon 2 (trojan.rules)
2815848 - ETPRO TROJAN Win32/LockScreen CnC Beacon 4 (trojan.rules)
2815850 - ETPRO MOBILE_MALWARE Android.Trojan.Tefoni.A Checkin
(mobile_malware.rules)
2815868 - ETPRO TROJAN Kivars CnC Beacon (trojan.rules)
2815885 - ETPRO TROJAN Win32/LockScreen CnC Beacon 5 (trojan.rules)
2815934 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ff Checkin 6
(mobile_malware.rules)
2816008 - ETPRO TROJAN WIN32/BULTA!RFN Checkin (trojan.rules)
2816010 - ETPRO TROJAN Win32/Banatrix Variant XPI Download (trojan.rules)
2816015 - ETPRO TROJAN Yuckyll CnC Beacon 1 M1 (trojan.rules)
2816169 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Agent.cb Checkin
(mobile_malware.rules)
2816170 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Agent.cb Checkin 2
(mobile_malware.rules)
2816175 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.FakeInst.hd Checkin
(mobile_malware.rules)
2816177 - ETPRO TROJAN W32/Nymaim Checkin 4 (trojan.rules)
2816215 - ETPRO MOBILE_MALWARE Android.Monitor.SilentTracker.B Checkin
(mobile_malware.rules)
2816224 - ETPRO TROJAN Win32/HydraCrypt CnC Beacon 2 (trojan.rules)
2816296 - ETPRO CURRENT_EVENTS Evil HTA (Kovter) M2 (current_events.rules)
2816307 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Igamo.a Checkin 2
(mobile_malware.rules)
2816309 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.iv Checkin
(mobile_malware.rules)
2816336 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ay Checkin 2
(mobile_malware.rules)
2816344 - ETPRO MOBILE_MALWARE Android.Riskware.SMSSend.gRJR Checkin
(mobile_malware.rules)
2816345 - ETPRO MOBILE_MALWARE Android.Trojan.FakeInst.BX Checkin 5
(mobile_malware.rules)
2816359 - ETPRO TROJAN Ursnif Inject CnC Request 2 (trojan.rules)
2816462 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ac Checkin 2
(mobile_malware.rules)
2816464 - ETPRO TROJAN Trojan-Ransomware Radamant Fetch Wallets
(trojan.rules)
2816470 - ETPRO MOBILE_MALWARE Android/SMSreg.GF Checkin
(mobile_malware.rules)
2816473 - ETPRO MOBILE_MALWARE Android.Riskware.Agent.W Checkin
(mobile_malware.rules)
2816474 - ETPRO TROJAN W32/Rover Uploading Screenshot (trojan.rules)
2816475 - ETPRO TROJAN W32/Rover Uploading Files (trojan.rules)
2816476 - ETPRO TROJAN W32/Rover Reporting Devices (trojan.rules)
2816477 - ETPRO TROJAN W32/Rover CnC (trojan.rules)
2816478 - ETPRO TROJAN W32/Rover Downloading Module (trojan.rules)
2816503 - ETPRO MOBILE_MALWARE Android Unknown Trojan Checkin
(mobile_malware.rules)
2816507 - ETPRO TROJAN OnionDownloader Downloading PE (trojan.rules)
2816517 - ETPRO TROJAN Trojan.MSILPerseus.D44B1 Checkin 1 (trojan.rules)
2816615 - ETPRO MOBILE_MALWARE Trojan-Clicker.AndroidOS.Simpo.l Checkin
(mobile_malware.rules)
2816617 - ETPRO MOBILE_MALWARE Trojan-Clicker.AndroidOS.Simpo.l Checkin 2
(mobile_malware.rules)
2816662 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Spambot.a Checkin
(mobile_malware.rules)
2816675 - ETPRO MOBILE_MALWARE Android.Trojan.SLocker.IE Checkin
(mobile_malware.rules)
2816696 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Ztorg.a Checkin
(mobile_malware.rules)
2816731 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.hu Checkin
(mobile_malware.rules)
2816732 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.hu Checkin 2
(mobile_malware.rules)
2816736 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Paccy.b Checkin
(mobile_malware.rules)
2816737 - ETPRO TROJAN Rexpot Variant CnC Beacon (trojan.rules)
2816774 - ETPRO MOBILE_MALWARE Android/HiddenApp.K Checkin
(mobile_malware.rules)
2816775 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Caresy.a Checkin
(mobile_malware.rules)

[---] Removed rules: [---]

2008052 - ET MALWARE User-Agent (Internet Explorer) (malware.rules)
2814890 - ETPRO TROJAN Win32.Unknown.Autoit Checkin (trojan.rules)

Date:

Monday, October 5, 2020

Summary title:

3 new OPEN, 28 new PRO (3 + 25). MosaicRegressor, Win32/EvolvedThief, Win32/SantaCrypt Ransomware, Bazaloader, Win32/Remcos, HAKOPS Keylogger, VARIOUS PHISH.