[***] Summary: [***]

0 new OPEN, 17 new PRO (0 + 17). TrickBot, Remcos, Mirai, Various
Phish, Others.

Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

[+++] Added rules: [+++]

Pro:

2846936 - ETPRO TROJAN Observed MSIL/Downloader.Seraph.gen
User-Agent (trojan.rules)
2846937 - ETPRO TROJAN Observed Win32/FakeMS.SM2 Referer (trojan.rules)
2846938 - ETPRO TROJAN ELF/Mirai Variant CnC Activity (trojan.rules)
2846939 - ETPRO CURRENT_EVENTS Successful Generic Credit Card
Information Phish 2021-02-05 (current_events.rules)
2846940 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish
2021-02-05 (current_events.rules)
2846941 - ETPRO CURRENT_EVENTS Successful Stewart Phish 2021-02-05
(current_events.rules)
2846942 - ETPRO CURRENT_EVENTS Successful Verizon Phish 2021-02-05
(current_events.rules)
2846943 - ETPRO CURRENT_EVENTS Successful Instagram Phish 2021-02-05
(current_events.rules)
2846944 - ETPRO CURRENT_EVENTS Successful Dropbox Phish 2021-02-05
(current_events.rules)
2846945 - ETPRO CURRENT_EVENTS Successful Outlook Web App Phish
2021-02-05 (current_events.rules)
2846946 - ETPRO CURRENT_EVENTS Successful Poloniex Phish 2021-02-05
(current_events.rules)
2846947 - ETPRO CURRENT_EVENTS Successful Caixa Phish 2021-02-05
(current_events.rules)
2846948 - ETPRO CURRENT_EVENTS Successful DHL Phish 2021-02-05
(current_events.rules)
2846949 - ETPRO TROJAN Win32/TrickBot CnC Initial Checkin M3 (trojan.rules)
2846950 - ETPRO TROJAN Win32/Remcos RAT Checkin 670 (trojan.rules)
2846951 - ETPRO TROJAN Win32/Remcos RAT Checkin 671 (trojan.rules)
2846952 - ETPRO TROJAN Win32/Remcos RAT Checkin 672 (trojan.rules)

[///] Modified active rules: [///]

2840616 - ETPRO TROJAN DiscordHaxx Token Exfil Attempt via Webhook
(trojan.rules)
2846918 - ETPRO USER_AGENTS Observed Suspicious UA (TmxWebUpdate)
(user_agents.rules)

James Emery-Callcott
Security Researcher | ProofPoint Inc | Emerging Threats Team