Daily Ruleset Update Summary
Daily Ruleset Update Summary 2020/12/28

[***]            Summary:            [***]

5 new OPEN, 29 new PRO (5 + 24).  AsyncRAT, Redline, W32/Startun and Various Coinminer Sigs.
  
Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

  2031454 - ET TROJAN FIN7/Carbanak CnC Domain in DNS Lookup
(sephardimension .com) (trojan.rules)
  2031455 - ET TROJAN FIN7/Carbanak CnC Domain in DNS Lookup
(besaintegration .com) (trojan.rules)
  2031456 - ET TROJAN FIN7/Carbanak CnC Domain in DNS Lookup (dmnadmin .com)
(trojan.rules)
  2031457 - ET TROJAN FIN7/Carbanak CnC Domain in DNS Lookup (sendbits
.m2stor4ge .xyz) (trojan.rules)
  2031458 - ET TROJAN FIN7/Carbanak CnC Domain in DNS Lookup (myrric-uses
.singlejets .com) (trojan.rules)

Pro:

  2846260 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT)
(trojan.rules)
  2846261 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT)
(trojan.rules)
  2846262 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT)
(trojan.rules)
  2846263 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT)
(trojan.rules)
  2846264 - ETPRO TROJAN ELF/DarkNexus Variant CnC Activity (trojan.rules)
  2846265 - ETPRO TROJAN Redline - SendClientInfo Request (trojan.rules)
  2846266 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-12-24 1) (trojan.rules)
  2846267 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-12-24 2) (trojan.rules)
  2846268 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-12-28 1) (trojan.rules)
  2846269 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-12-28 2) (trojan.rules)
  2846270 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-12-28 3) (trojan.rules)
  2846271 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-12-28 4) (trojan.rules)
  2846272 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-12-28 5) (trojan.rules)
  2846273 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-12-28 6) (trojan.rules)
  2846274 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-12-28 7) (trojan.rules)
  2846275 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-12-28 8) (trojan.rules)
  2846276 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-12-28 9) (trojan.rules)
  2846277 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-12-28 10) (trojan.rules)
  2846278 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-12-28 11) (trojan.rules)
  2846279 - ETPRO TROJAN W32/Startun CnC Activity (trojan.rules)
  2846280 - ETPRO TROJAN Win32/TrojanDownloader.Agent.FGQ Variant CnC
Activity M2 (trojan.rules)
  2846281 - ETPRO TROJAN Win32/Remcos RAT Checkin 635 (trojan.rules)
  2846282 - ETPRO TROJAN Win32/Remcos RAT Checkin 636 (trojan.rules)
  2846283 - ETPRO CURRENT_EVENTS Successful Instagram Phish 2020-12-28
(current_events.rules)

[///]     Modified active rules:     [///]

  2846246 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT)
(trojan.rules)

Date:
Summary title:
5 new OPEN, 29 new PRO (5 + 24). AsyncRAT, Redline, W32/Startun and Various Coinminer Sigs.