[***]            Summary:            [***]

4 new OPEN, 26 new PRO (4 + 22). RelevantKnowledge, MSIL/Hive/Firebird RAT CnC, Win32/Agent.YMU, Win32/Remcos RAT, Win32/Banbra Variant, Coinminers, VARIOUS PHISH.

Today it is Friday.

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

  2018174 - ET MALWARE RelevantKnowledge Adware CnC Beacon (malware.rules)
  2030992 - ET CURRENT_EVENTS Lucy Phishing Panel Accessed on Internal
Server (current_events.rules)
  2030993 - ET CURRENT_EVENTS Lucy Phishing Panel Accessed on External
Server (current_events.rules)
  2030994 - ET TROJAN MontysThree HTTPTransport Module Activity
(trojan.rules)

Pro:

  2844862 - ETPRO TROJAN MSIL/Hive/Firebird RAT CnC Activity (trojan.rules)
  2844863 - ETPRO TROJAN Win32/Reconyc.fkbu CnC Checkin (trojan.rules)
  2844864 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT CnC)
(trojan.rules)
  2844865 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT CnC)
(trojan.rules)
  2844866 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT CnC)
(trojan.rules)
  2844867 - ETPRO TROJAN Win32/Agent.YMU Variant CnC Activity (trojan.rules)
  2844868 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-10-09 1) (trojan.rules)
  2844869 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-10-09 2) (trojan.rules)
  2844870 - ETPRO CURRENT_EVENTS Successful ING Phish 2020-10-09
(current_events.rules)
  2844871 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2020-10-09 (current_events.rules)
  2844872 - ETPRO CURRENT_EVENTS Successful Generic Banking Information
Phish 2020-10-09 (current_events.rules)
  2844873 - ETPRO CURRENT_EVENTS Successful Voter Registration Phish
2020-10-09 (current_events.rules)
  2844874 - ETPRO CURRENT_EVENTS Successful SMBC Phish 2020-10-09
(current_events.rules)
  2844875 - ETPRO CURRENT_EVENTS Successful Sharepoint Phish 2020-10-09
(current_events.rules)
  2844876 - ETPRO CURRENT_EVENTS Successful Match Phish 2020-10-09
(current_events.rules)
  2844877 - ETPRO TROJAN Win32/Remcos RAT Checkin 557 (trojan.rules)
  2844878 - ETPRO TROJAN Win32/Remcos RAT Checkin 558 (trojan.rules)
  2844879 - ETPRO TROJAN Observed IcedID CnC Domain in TLS SNI
(trojan.rules)
  2844880 - ETPRO TROJAN Observed IcedID CnC Domain in TLS SNI
(trojan.rules)
  2844881 - ETPRO TROJAN Observed IcedID CnC Domain in TLS SNI
(trojan.rules)
  2844882 - ETPRO MALWARE AideSoft Wallpaper Loader Checkin Activity
(malware.rules)
  2844883 - ETPRO TROJAN Win32/Banbra Variant Activity (trojan.rules)

[///]     Modified active rules:     [///]

  2011800 - ET POLICY Abnormal User-Agent No space after colon - Likely
Hostile (policy.rules)
  2013376 - ET TROJAN W32/Nolja Trojan User-Agent (FileNolja) (trojan.rules)
  2015478 - ET CURRENT_EVENTS Possible Unknown TDS /top2.html
(current_events.rules)
  2017060 - ET EXPLOIT SolusVM 1.13.03 SQL injection (exploit.rules)
  2017587 - ET MOBILE_MALWARE Android/Opfake.A GetTask CnC Beacon
(mobile_malware.rules)
  2018028 - ET TROJAN W32/Madness Checkin (trojan.rules)
  2018401 - ET TROJAN Win32.Kazy Checkin (trojan.rules)
  2018491 - ET TROJAN Miniduke Checkin (trojan.rules)
  2018516 - ET TROJAN Win32/Spy.Banker.AAQD Checkin (trojan.rules)
  2018543 - ET CURRENT_EVENTS Neverquest/Vawtrak Posting Data
(current_events.rules)
  2018580 - ET TROJAN Win32/Neutrino Checkin (trojan.rules)
  2019158 - ET TROJAN Possible Malicious Invoice EXE (trojan.rules)
  2019545 - ET TROJAN Sofacy Request Outbound (trojan.rules)
  2019606 - ET TROJAN Poweliks Abnormal HTTP Headers high likelihood of
Poweliks infection (trojan.rules)
  2019782 - ET CURRENT_EVENTS Successful PayPal Phish Nov 24 2014
(current_events.rules)
  2019783 - ET CURRENT_EVENTS Successful Paypal Phish Nov 24 2014
(current_events.rules)
  2019784 - ET CURRENT_EVENTS Successful Paypal Phish Nov 24 2014
(current_events.rules)
  2020094 - ET TROJAN Win32/Neutrino CC dump (trojan.rules)
  2020475 - ET POLICY Metasploit Framework Checking For Update
(policy.rules)
  2021195 - ET POLICY Possible External IP Lookup whoer.net (policy.rules)
  2023254 - ET TROJAN Book of Eli CnC Checkin (trojan.rules)
  2023485 - ET TROJAN JS/HTA Downloader Behavior M3 (trojan.rules)
  2023681 - ET MOBILE_MALWARE Android Fancy Bear Checkin 2
(mobile_malware.rules)
  2023765 - ET TROJAN Betabot Checkin 5 (trojan.rules)
  2024122 - ET CURRENT_EVENTS MalDoc Retrieving Payload March 30 2017
(current_events.rules)
  2024180 - ET CURRENT_EVENTS Terror EK Payload Download
(current_events.rules)
  2024201 - ET MOBILE_MALWARE AdWare.AndroidOS.Ewind.cd Checkin
(mobile_malware.rules)
  2024224 - ET WEB_CLIENT Office Requesting .HTA File Likely CVE-2017-0199
Request (web_client.rules)
  2024226 - ET WEB_CLIENT Office Discovery HTA file Likely CVE-2017-0199
Request M2 (web_client.rules)
  2024233 - ET TROJAN Unknown Possibly Ransomware (Dropped by RIG) CnC
Beacon (trojan.rules)
  2024298 - ET TROJAN W32/WannaCry.Ransomware Killswitch Domain HTTP
Request 1 (trojan.rules)
  2024300 - ET TROJAN W32/WannaCry.Ransomware Killswitch Domain HTTP
Request 3 (trojan.rules)
  2024342 - ET WEB_SPECIFIC_APPS Joomla 3.7.0 - Sql Injection
(CVE-2017-8917) (web_specific_apps.rules)
  2024344 - ET CURRENT_EVENTS Terror EK Payload URI T1 Jun 02 2017
(current_events.rules)
  2024426 - ET MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.a CnC Beacon
(mobile_malware.rules)
  2024490 - ET TROJAN HTTP Andromeda File Request (trojan.rules)
  2024550 - ET CURRENT_EVENTS Likely Malicious Windows SCT Download
MSXMLHTTP M1 (current_events.rules)
  2024551 - ET CURRENT_EVENTS Likely Malicious Windows SCT Download
MSXMLHTTP M2 (current_events.rules)
  2024552 - ET CURRENT_EVENTS Likely Malicious Windows SCT Download
MSXMLHTTP M3 (current_events.rules)
  2024659 - ET TROJAN [PTsecurity] Tinba Checkin 4 (trojan.rules)
  2024808 - ET WEB_SPECIFIC_APPS Apache Tomcat Possible CVE-2017-12617 JSP
Upload Bypass Attempt (web_specific_apps.rules)
  2024809 - ET WEB_SPECIFIC_APPS Apache Tomcat Possible CVE-2017-12617 JSP
Upload Bypass Attempt (web_specific_apps.rules)
  2024810 - ET WEB_SPECIFIC_APPS Apache Tomcat Possible CVE-2017-12617 JSP
Upload Bypass Attempt (web_specific_apps.rules)
  2024811 - ET WEB_SPECIFIC_APPS Apache Tomcat Possible CVE-2017-12617 JSP
Upload Bypass Attempt (web_specific_apps.rules)
  2024812 - ET WEB_SPECIFIC_APPS Apache Tomcat Possible CVE-2017-12617 JSP
Upload Bypass Attempt (web_specific_apps.rules)
  2024813 - ET WEB_SPECIFIC_APPS Apache Tomcat Possible CVE-2017-12617 JSP
Upload Bypass Attempt (web_specific_apps.rules)
  2024941 - ET EXPLOIT Possible Oracle Identity Manager Attempt to Logon
with default account (exploit.rules)
  2025222 - ET EXPLOIT Generic ADSL Router DNS Change Request
(exploit.rules)
  2025223 - ET EXPLOIT Possible Belkin N600DB Wireless Router Request
Forgery Attempt (exploit.rules)
  2806799 - ETPRO POLICY securityxploded malware retrieval URI
(policy.rules)
  2807086 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Obad.a Checkin 2
(mobile_malware.rules)
  2807357 - ETPRO MOBILE_MALWARE Android/TrojanSMS.Agent.SD Checkin
(mobile_malware.rules)
  2808199 - ETPRO MOBILE_MALWARE Android.Trojan.FakeInst.DZ Checkin
(mobile_malware.rules)
  2808271 - ETPRO TROJAN BackDoor.Yebot Checkin (trojan.rules)
  2808934 - ETPRO MOBILE_MALWARE Android.Trojan.AgentSpy.P SMS Exfil
(mobile_malware.rules)
  2809063 - ETPRO MOBILE_MALWARE DroidKungFu Checkin 5
(mobile_malware.rules)
  2809907 - ETPRO TROJAN Win32/Jinupd.B Cnc Beacon (trojan.rules)
  2809951 - ETPRO POLICY Possible External IP Lookup pijoto.net
(policy.rules)
  2809956 - ETPRO MOBILE_MALWARE Android/Smcc.D Checkin
(mobile_malware.rules)
  2810016 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.FakeInst.fb Checkin 4
(mobile_malware.rules)
  2810166 - ETPRO INFO Commonly Abused File Sharing Site Domain HTTP
request (savepic .su) (info.rules)
  2810640 - ETPRO MOBILE_MALWARE Android.Riskware.SMSReg.BW Checkin
(mobile_malware.rules)
  2811698 - ETPRO TROJAN Win32/Onliner Spam Bot CnC (trojan.rules)
  2811967 - ETPRO TROJAN ReactorBot CnC Beacon (trojan.rules)
  2812980 - ETPRO MOBILE_MALWARE Android.Trojan.Damruved.A Checkin
(mobile_malware.rules)
  2815189 - ETPRO MOBILE_MALWARE Android/Agent.OS Checkin
(mobile_malware.rules)
  2816531 - ETPRO POLICY External IP Lookup www.trackip.net (policy.rules)
  2816532 - ETPRO POLICY External IP Lookup www.ip-tracker.org
(policy.rules)
  2819864 - ETPRO MOBILE_MALWARE AdWare.AndroidOS.Batmob.b Checkin
(mobile_malware.rules)
  2819987 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Hqwar.q Checkin
(mobile_malware.rules)
  2820059 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Tiny.az Checkin 2
(mobile_malware.rules)
  2820316 - ETPRO TROJAN EDA2 Gen Ransomware CnC Create Key (trojan.rules)
  2820451 - ETPRO POLICY External IP Lookup freehostedscripts.net
(policy.rules)
  2820489 - ETPRO MOBILE_MALWARE Trojan-Ransom.AndroidOS.Svpeng.m Checkin
(mobile_malware.rules)
  2820853 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Luckycat.c Checkin
(mobile_malware.rules)
  2820951 - ETPRO MOBILE_MALWARE Android/TrojanDropper.Shedun.V Checkin 3
(mobile_malware.rules)
  2821474 - ETPRO MOBILE_MALWARE Android/Secapk.F Checkin 4
(mobile_malware.rules)
  2821725 - ETPRO TROJAN Win32/Agent.WTE/Manuscrypt HTTP CnC Beacon
(trojan.rules)
  2821893 - ETPRO MOBILE_MALWARE Trojan-Downloader.AndroidOS.Agent.dj
Checkin (mobile_malware.rules)
  2821894 - ETPRO MOBILE_MALWARE Trojan-Downloader.AndroidOS.Agent.dj
Checkin 2 (mobile_malware.rules)
  2822114 - ETPRO TROJAN Etirehni/PYLOT CnC Beacon - Downloaded by Cmstar
(trojan.rules)
  2822817 - ETPRO TROJAN Terse HTTP Request to Pastebin Likely Malicious
(trojan.rules)
  2824604 - ETPRO MOBILE_MALWARE Anubis Android Loader / BankBot Checkin
(mobile_malware.rules)
  2824684 - ETPRO POLICY External IP Lookup localize.pdfforge.org
(policy.rules)
  2825511 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Triada.bd Checkin
(mobile_malware.rules)
  2825520 - ETPRO TROJAN MSIL/TrojanDownloader.Agent.PLJ Download
(trojan.rules)
  2825521 - ETPRO TROJAN Win32/TrojanDownloader.Perkesh.J CnC Beacon
(trojan.rules)
  2825544 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Triada.bh Checkin
(mobile_malware.rules)
  2825545 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Triada.bh Checkin 2
(mobile_malware.rules)
  2825548 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Triada.v Checkin
(mobile_malware.rules)
  2825549 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Triada.v Checkin 2
(mobile_malware.rules)
  2825581 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Triada.aw Checkin
(mobile_malware.rules)
  2825582 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Triada.at CnC Beacon
(mobile_malware.rules)
  2825586 - ETPRO TROJAN SpyLuk RAT Checkin (trojan.rules)
  2825587 - ETPRO MOBILE_MALWARE Android/Spy.Banker.IE Checkin
(mobile_malware.rules)
  2825588 - ETPRO MOBILE_MALWARE Android/Spy.Banker.IE Checkin 2
(mobile_malware.rules)
  2825616 - ETPRO MOBILE_MALWARE Trojan-Dropper.AndroidOS.Agent.ay CnC
Beacon (mobile_malware.rules)
  2825617 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Triada.aw Checkin 2
(mobile_malware.rules)
  2825621 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Triada.bz Checkin
(mobile_malware.rules)
  2825626 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Triada.aw Checkin 4
(mobile_malware.rules)
  2825633 - ETPRO MOBILE_MALWARE PUP Android/Cooee.B Checkin
(mobile_malware.rules)
  2825634 - ETPRO MOBILE_MALWARE PUP Android/Cooee.B Checkin 2
(mobile_malware.rules)
  2825643 - ETPRO MOBILE_MALWARE Android.Riskware.SMSSend.B Checkin
(mobile_malware.rules)
  2825652 - ETPRO POLICY External IP Lookup ipapi.co (policy.rules)
  2825653 - ETPRO POLICY External IP Lookup ipof.in (policy.rules)
  2825696 - ETPRO TROJAN W32/Unknown Coinminer Module DL (trojan.rules)
  2825718 - ETPRO TROJAN Win32/TrojanDownloader.Agent.DHD Checkin
(trojan.rules)
  2825790 - ETPRO MOBILE_MALWARE Android.Trojan.InfoStealer.IC CnC Beacon 2
(mobile_malware.rules)
  2825823 - ETPRO TROJAN MICROPSIA Retrieving CnC Location (trojan.rules)
  2825843 - ETPRO MOBILE_MALWARE Android/SMForw.RI CnC Beacon
(mobile_malware.rules)
  2825892 - ETPRO TROJAN Unknown MalDoc VBS Downloader Requesting Payload
(trojan.rules)
  2825913 - ETPRO TROJAN W32/Ramnit.A Downloader Request (trojan.rules)
  2826001 - ETPRO MOBILE_MALWARE Android/Kemoge Checkin 4
(mobile_malware.rules)
  2826020 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Fyec.bna CnC Beacon 2
(mobile_malware.rules)
  2826022 - ETPRO MOBILE_MALWARE PUA Android/SMSreg.VR Checkin
(mobile_malware.rules)
  2826051 - ETPRO MOBILE_MALWARE Android.Trojan.Agent.EZ CnC Beacon
(mobile_malware.rules)
  2826053 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Agent.zs Checkin
(mobile_malware.rules)
  2826054 - ETPRO EXPLOIT Huawei HG532n - Enable Portmapping (exploit.rules)
  2826070 - ETPRO TROJAN Silence Downloader Dropped by CVE-2017-0199
(trojan.rules)
  2826093 - ETPRO MOBILE_MALWARE Android/TrojanDropper.Agent.AXD CnC Beacon
(mobile_malware.rules)
  2826102 - ETPRO MOBILE_MALWARE Android.Trojan.Fjcon.D Checkin
(mobile_malware.rules)
  2826117 - ETPRO TROJAN Linux.Shishiga HTTP Checkin (trojan.rules)
  2826296 - ETPRO TROJAN PowerShell/TrojanDownloader.Agent.AP - Powerstats
Checkin (trojan.rules)
  2826297 - ETPRO TROJAN PowerShell/TrojanDownloader.Agent.AP GetCommand
(trojan.rules)
  2826400 - ETPRO MOBILE_MALWARE Android/Fadeb.P Checkin
(mobile_malware.rules)
  2826480 - ETPRO MOBILE_MALWARE Android.Trojan.Dropper.OC Checkin
(mobile_malware.rules)
  2826481 - ETPRO MOBILE_MALWARE Android.Trojan.Dropper.OC CnC Beacon
(mobile_malware.rules)
  2826482 - ETPRO MOBILE_MALWARE RiskTool.AndroidOS.SMSreg.mh Checkin
(mobile_malware.rules)
  2826487 - ETPRO TROJAN Trojan-Banker.Win32.Banbra .pac Download Request
(trojan.rules)
  2826514 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.FakeInst.ft CnC
Beacon (mobile_malware.rules)
  2826530 - ETPRO TROJAN APT32 Win32/Agent.YFL Checkin (trojan.rules)
  2826538 - ETPRO TROJAN Core Bot IP Check (trojan.rules)
  2826543 - ETPRO MOBILE_MALWARE Unknown Android Trojan Checkin
(mobile_malware.rules)
  2826571 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.FakeInst.fb CnC
Beacon (mobile_malware.rules)
  2826597 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.cs CnC Beacon
(mobile_malware.rules)
  2826624 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Boogr.gsh CnC Beacon
(mobile_malware.rules)
  2826625 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Boogr.gsh CnC Beacon 2
(mobile_malware.rules)
  2826632 - ETPRO MOBILE_MALWARE Android/G5P.BH CnC Beacon
(mobile_malware.rules)
  2826658 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Dingwe.a SMS/Contact
Exfil (mobile_malware.rules)
  2826681 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.snt CnC
Beacon (mobile_malware.rules)
  2826685 - ETPRO MOBILE_MALWARE Android/Monitor.Spyoo.L CnC Beacon
(mobile_malware.rules)
  2826715 - ETPRO MOBILE_MALWARE Android GhostPush Checkin 8
(mobile_malware.rules)
  2826747 - ETPRO MOBILE_MALWARE Android.Trojan.FakeApp.AS Checkin
(mobile_malware.rules)
  2826835 - ETPRO MOBILE_MALWARE Android/Clicker.HA Checkin
(mobile_malware.rules)
  2826870 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ay SMS Exfil
(mobile_malware.rules)
  2826879 - ETPRO TROJAN Win32/Alureon CnC Beacon (trojan.rules)
  2827047 - ETPRO MOBILE_MALWARE Android/Spy.Agent.ADB CnC Beacon
(mobile_malware.rules)
  2827072 - ETPRO TROJAN Cerber Blockchain Query 2 (trojan.rules)
  2827108 - ETPRO TROJAN Energetic Bear/Dragonfly Implant CnC Beacon
(trojan.rules)
  2827171 - ETPRO MOBILE_MALWARE Android/TrojanDropper.Agent.BDG Checkin
(mobile_malware.rules)
  2827182 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Boogr.gsh CnC Beacon 4
(mobile_malware.rules)
  2827254 - ETPRO MOBILE_MALWARE Android Unknown Trojan CnC Beacon
(mobile_malware.rules)
  2827263 - ETPRO MOBILE_MALWARE Android.Trojan.SmsSpy.TF SMS/Contact Exfil
(mobile_malware.rules)
  2827282 - ETPRO TROJAN Chthonic CnC Beacon 9 (trojan.rules)
  2827303 - ETPRO MOBILE_MALWARE Android.Trojan.Downloader.JP CnC Beacon
(mobile_malware.rules)
  2827358 - ETPRO MOBILE_MALWARE RiskTool.AndroidOS.Yoga.a CnC Beacon
(mobile_malware.rules)
  2827377 - ETPRO MOBILE_MALWARE Trojan-Downloader.AndroidOS.Agent.dj /
ANDROIDOS_LEAKERLOCKER.HRX CnC Beacon (mobile_malware.rules)
  2827392 - ETPRO MOBILE_MALWARE SMS-Flooder.AndroidOS.Agent.l CnC Beacon
(mobile_malware.rules)
  2827477 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.cn
SMS/Contact Exfil (mobile_malware.rules)
  2827573 - ETPRO TROJAN Win32/Urelas.BC CnC Beacon (trojan.rules)
  2827625 - ETPRO TROJAN Possible APT.9002 Fileless Variant CnC Beacon 2
(trojan.rules)
  2827656 - ETPRO TROJAN VBS.DrinkingGround Checkin 2 (trojan.rules)
  2827662 - ETPRO TROJAN JS/HTA Downloader Behavior M4 (trojan.rules)
  2827666 - ETPRO MOBILE_MALWARE Android.Trojan.HiddenAds.TJ CnC Beacon
(mobile_malware.rules)
  2827715 - ETPRO TROJAN W32.PooLen HTTP Request Header (trojan.rules)
  2827716 - ETPRO TROJAN W32.PooLen Download and Run Command Successful
(trojan.rules)
  2827844 - ETPRO MOBILE_MALWARE Android.Riskware.SmsPay.PO SMS Exfil
(mobile_malware.rules)
  2827901 - ETPRO MOBILE_MALWARE Android.Trojan.FakeApp.C CnC Beacon
(mobile_malware.rules)
  2828051 - ETPRO MOBILE_MALWARE Android/FakePay.A Checkin
(mobile_malware.rules)
  2828109 - ETPRO MOBILE_MALWARE Android/Spy.SmsSpy.GL SMS Exfil
(mobile_malware.rules)
  2828157 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Triada.am Checkin
(mobile_malware.rules)
  2828209 - ETPRO MOBILE_MALWARE Android/Clicker.JA / WireX Checkin
(mobile_malware.rules)
  2828211 - ETPRO MOBILE_MALWARE Android/Clicker.JA / WireX Checkin 2
(mobile_malware.rules)
  2828257 - ETPRO MOBILE_MALWARE Trojan-Clicker.AndroidOS.Xafekopy.e
Checkin (mobile_malware.rules)
  2828427 - ETPRO MOBILE_MALWARE Android/Spy.Banker.PQ Checkin
(mobile_malware.rules)
  2828440 - ETPRO TROJAN Chthonic CnC Beacon 10 (trojan.rules)
  2828469 - ETPRO MOBILE_MALWARE AdWare.AndroidOS.Dowgin.d CnC Beacon 4
(mobile_malware.rules)
  2828557 - ETPRO MOBILE_MALWARE Android.Trojan.HiddenAds.gDHTA Checkin
(mobile_malware.rules)
  2828567 - ETPRO MOBILE_MALWARE Android/JiuXuJinBao CnC Beacon
(mobile_malware.rules)
  2828762 - ETPRO MOBILE_MALWARE Android/Agent.ARZ CnC Beacon
(mobile_malware.rules)
  2828790 - ETPRO MOBILE_MALWARE Android/Geost CnC Checkin
(mobile_malware.rules)
  2829857 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.qi CnC Beacon
(mobile_malware.rules)
  2829877 - ETPRO MOBILE_MALWARE Android.Trojan.HiddenApp.EN Checkin 3
(mobile_malware.rules)
  2830011 - ETPRO MOBILE_MALWARE Android/Arukas.A!tr Checkin 2
(mobile_malware.rules)
  2830306 - ETPRO MOBILE_MALWARE Android.Trojan.SLocker.PN CnC Beacon
(mobile_malware.rules)

[---]  Disabled and modified rules:  [---]

  2024172 - ET MOBILE_MALWARE Android Trojan Pegasus CnC Beacon M2
(mobile_malware.rules)
  2806829 - ETPRO MOBILE_MALWARE Trojan-Downloader.AndroidOS.Fav.a Checkin
(mobile_malware.rules)
  2807826 - ETPRO TROJAN Win32/Parite.B Checkin 1 (trojan.rules)
  2811838 - ETPRO INFO Suspicious Terse HTTP Request to Pastebin
(info.rules)
  2825542 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Agent.ol Checkin
(mobile_malware.rules)
  2825635 - ETPRO MOBILE_MALWARE Android.Trojan.Fotemain.B CnC Beacon
(mobile_malware.rules)
  2825636 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.g SMS Exfil
(mobile_malware.rules)
  2825641 - ETPRO MOBILE_MALWARE Android/SmForw.J CnC Beacon
(mobile_malware.rules)
  2826004 - ETPRO TROJAN Malicious Fake Browser Update JS Download Response
(trojan.rules)
  2826208 - ETPRO MOBILE_MALWARE Android.Riskware.SMSReg.FS CnC Beacon 2
(mobile_malware.rules)
  2827541 - ETPRO MOBILE_MALWARE Android Unknown Trojan SMS Exfil
(mobile_malware.rules)
  2827667 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Hiddad.ck CnC Beacon
(mobile_malware.rules)
  2827974 - ETPRO MOBILE_MALWARE Trojan-Dropper.AndroidOS.Hqwar.gen /
BankBot Checkin (mobile_malware.rules)
  2828004 - ETPRO MOBILE_MALWARE Android.Trojan.Agent.cm CnC Beacon
(mobile_malware.rules)
  2828061 - ETPRO MOBILE_MALWARE RiskTool.AndroidOS.PornVideo.ao / ZNIU
Checkin (mobile_malware.rules)
  2828308 - ETPRO MOBILE_MALWARE Android/DoubleLocker.A CnC Beacon 2
(mobile_malware.rules)

[---]         Removed rules:         [---]

  2018174 - ET INFO RelevantKnowledge Adware CnC Beacon (info.rules)
