Daily Ruleset Update Summary 2021/04/12

[***] Summary: [***]

105 new OPEN, 131 new PRO (105 + 26) Raccoon Stealer,
Android/Agent.BQX, BazaLoader, many PHISH signatures moved to OPEN,
Others.

Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

[+++] Added rules: [+++]

Open:

2032641 - ET CURRENT_EVENTS Successful Paypal Phish M2 2016-10-06
(current_events.rules)
2032642 - ET CURRENT_EVENTS Successful Ourtime.com Phish 2016-11-28
(current_events.rules)
2032643 - ET CURRENT_EVENTS Successful Paypal Phish M1 2016-11-29
(current_events.rules)
2032644 - ET CURRENT_EVENTS Successful Paypal Phish M2 2016-11-29
(current_events.rules)
2032645 - ET CURRENT_EVENTS Successful Microsoft Live Email Account
Phish 2016-11-29 (current_events.rules)
2032646 - ET CURRENT_EVENTS Successful Google Drive Phish M1
2016-12-02 (current_events.rules)
2032647 - ET CURRENT_EVENTS Successful Google Drive Phish M2
2016-12-02 (current_events.rules)
2032648 - ET CURRENT_EVENTS Successful Three Step Gmail Phish (1 of
3) 2016-12-02 (current_events.rules)
2032649 - ET CURRENT_EVENTS Successful Three Step Gmail Phish (2 of
3) Phish 2016-12-02 (current_events.rules)
2032650 - ET CURRENT_EVENTS Successful Three Step Gmail Phish (3 of
3) 2016-12-02 (current_events.rules)
2032651 - ET CURRENT_EVENTS Successful Paypal Phish M2 2016-12-05
(current_events.rules)
2032652 - ET CURRENT_EVENTS Successful Gmail Phish 2016-12-06
(current_events.rules)
2032653 - ET CURRENT_EVENTS Successful Google Drive Phish 2016-12-07
(current_events.rules)
2032654 - ET CURRENT_EVENTS Successful Yahoo Phish 2016-12-08
(current_events.rules)
2032655 - ET CURRENT_EVENTS Successful DHL Phish 2016-12-08
(current_events.rules)
2032656 - ET CURRENT_EVENTS Successful Facebook (TR) Phish
2016-12-08 (current_events.rules)
2032657 - ET CURRENT_EVENTS Successful Stripe Phish 2016-12-09
(current_events.rules)
2032658 - ET CURRENT_EVENTS Successful Linkedin Phish 2016-12-09
(current_events.rules)
2032659 - ET CURRENT_EVENTS Successful Spyus Phish (Multiple Brands)
M1 2016-12-12 (current_events.rules)
2032660 - ET CURRENT_EVENTS Successful Spyus Phish (Multiple Brands)
M2 2016-12-12 (current_events.rules)
2032661 - ET CURRENT_EVENTS Successful Ebay Phish 2016-12-12
(current_events.rules)
2032662 - ET CURRENT_EVENTS Successful Telstra Refund Phish
2016-12-13 (current_events.rules)
2032663 - ET CURRENT_EVENTS Successful iTunes Connect Phish M1
2016-12-13 (current_events.rules)
2032664 - ET CURRENT_EVENTS Successful iTunes Connect Phish M2
2016-12-13 (current_events.rules)
2032665 - ET CURRENT_EVENTS Successful iTunes Connect Phish M3
2016-12-13 (current_events.rules)
2032666 - ET CURRENT_EVENTS Successful Discover Phish M2 2016-12-14
(current_events.rules)
2032667 - ET CURRENT_EVENTS Successful Discover Phish M3 2016-12-14
(current_events.rules)
2032668 - ET CURRENT_EVENTS Successful Tesco Bank Phish M1 Phish
2016-12-15 (current_events.rules)
2032669 - ET CURRENT_EVENTS DHL/Adobe/Excel Phishing Landing
2016-01-07 (current_events.rules)
2032670 - ET CURRENT_EVENTS Successful Dynamic Folder Phishing
2016-01-08 (current_events.rules)
2032671 - ET CURRENT_EVENTS Successful PNC Bank Phish 2016-01-09
(current_events.rules)
2032672 - ET CURRENT_EVENTS Successful IRS Phish 2016-01-23
(current_events.rules)
2032673 - ET CURRENT_EVENTS Successful DHL Phish 2016-02-09
(current_events.rules)
2032674 - ET CURRENT_EVENTS Successful Dynamic Folder Phishing
2016-02-23 (current_events.rules)
2032675 - ET CURRENT_EVENTS Successful Apple Phish M1 2016-02-23
(current_events.rules)
2032676 - ET CURRENT_EVENTS Successful Adobe Phish 2016-03-10
(current_events.rules)
2032677 - ET CURRENT_EVENTS Successful Phish to Compromised
Wordpress Site 2016-03-23 (current_events.rules)
2032678 - ET WEB_CLIENT Redirect to Adobe Shared Document Phishing
M3 2016-04-18 (web_client.rules)
2032679 - ET CURRENT_EVENTS Possible Successful SWF/XML Phish
2016-05-02 (current_events.rules)
2032680 - ET CURRENT_EVENTS Successful Onedrive Phish 2016-05-16
(current_events.rules)
2032681 - ET CURRENT_EVENTS Possible Successful Generic Phish
2016-05-26 (current_events.rules)
2032682 - ET CURRENT_EVENTS Successful Email Login Phish 2016-06-02
(current_events.rules)
2032683 - ET CURRENT_EVENTS Successful Yahoo Phish M1 2016-06-15
(current_events.rules)
2032684 - ET CURRENT_EVENTS Possible Successful Generic Phish
2016-06-22 (current_events.rules)
2032685 - ET CURRENT_EVENTS Successful Webmail Phish M1 2016-06-22
(current_events.rules)
2032686 - ET CURRENT_EVENTS Successful Craigslist Phish 2016-07-11
(current_events.rules)
2032687 - ET CURRENT_EVENTS Successful Docusign/O365 Phish
2016-07-15 (current_events.rules)
2032688 - ET CURRENT_EVENTS Successful Personalized Email Phish
2016-07-22 (current_events.rules)
2032689 - ET CURRENT_EVENTS Possible Successful Generic Phish
2016-08-19 (current_events.rules)
2032690 - ET CURRENT_EVENTS Successful Adobe Shared Document Phish
2016-08-19 (current_events.rules)
2032691 - ET CURRENT_EVENTS Possible Successful Citibank Phish M1
2016-08-22 (current_events.rules)
2032692 - ET CURRENT_EVENTS Possible Successful Citibank Phish M2
2016-08-22 (current_events.rules)
2032693 - ET CURRENT_EVENTS Team IPwned Phishing Landing 2016-08-24
(current_events.rules)
2032694 - ET CURRENT_EVENTS Successful Google Drive Phish M2
2016-08-25 (current_events.rules)
2032695 - ET CURRENT_EVENTS Successful Personalized Phish (Multiple
Brands) 2016-08-30 (current_events.rules)
2032696 - ET CURRENT_EVENTS Successful Bank of America Phish M2
2016-08-31 (current_events.rules)
2032697 - ET CURRENT_EVENTS Successful Outlook Phish 2016-08-31
(current_events.rules)
2032698 - ET CURRENT_EVENTS Successful Dynamic Folder Phishing
2016-09-12 (current_events.rules)
2032699 - ET CURRENT_EVENTS Successful Dynamic Folder Phishing M1
2016-09-26 (current_events.rules)
2032700 - ET CURRENT_EVENTS Successful Adobe Shared Document Phish
2016-10-03 (current_events.rules)
2032701 - ET CURRENT_EVENTS Successful Paypal Phish 2016-10-04
(current_events.rules)
2032702 - ET CURRENT_EVENTS Successful Paypal Phish M1 2016-10-06
(current_events.rules)
2032703 - ET CURRENT_EVENTS Successful Dynamic Folder FreeMobile
(FR) Phishing 2016-10-06 (current_events.rules)
2032704 - ET CURRENT_EVENTS Successful Paypal Phish M1 2016-10-06
(current_events.rules)
2032705 - ET CURRENT_EVENTS Successful Google Drive Phish 2016-10-06
(current_events.rules)
2032706 - ET CURRENT_EVENTS Possible Successful Generic Phish
2016-10-07 (current_events.rules)
2032707 - ET CURRENT_EVENTS Successful Chase Phish 2016-10-07
(current_events.rules)
2032708 - ET CURRENT_EVENTS Successful Dynamic Folder Phish
2016-10-10 (current_events.rules)
2032709 - ET CURRENT_EVENTS Successful Google Drive Phish 2016-10-12
(current_events.rules)
2032710 - ET CURRENT_EVENTS Successful Bank of America Phish
2016-10-14 (current_events.rules)
2032711 - ET CURRENT_EVENTS Successful Google Docs Phish M2
2016-10-19 (current_events.rules)
2032712 - ET CURRENT_EVENTS Successful Dynamic Folder Phish
2016-10-26 (current_events.rules)
2032713 - ET CURRENT_EVENTS Successful Amazon Phish 2016-10-27
(current_events.rules)
2032714 - ET CURRENT_EVENTS Successful Generic Banking Phish
2016-10-28 (current_events.rules)
2032715 - ET CURRENT_EVENTS Successful Dynamic Folder Phish
2016-11-15 (current_events.rules)
2032716 - ET CURRENT_EVENTS Successful USAA Phish 2016-11-22
(current_events.rules)
2032717 - ET CURRENT_EVENTS Successful Dynamic Folder Phish M1
2016-11-22 (current_events.rules)
2032718 - ET CURRENT_EVENTS Successful Dynamic Folder Phish M3
2016-11-22 (current_events.rules)
2032719 - ET CURRENT_EVENTS Successful Dynamic Folder Phish
2016-11-28 (current_events.rules)
2032720 - ET CURRENT_EVENTS Successful Generic Brand Phish
2016-12-01 (current_events.rules)
2032721 - ET CURRENT_EVENTS Successful National Australia Bank Phish
2016-12-02 (current_events.rules)
2032722 - ET CURRENT_EVENTS Successful Dynamic Folder Phish M1
2016-12-02 (current_events.rules)
2032723 - ET CURRENT_EVENTS Successful Dynamic Folder Phish M2
2016-12-02 (current_events.rules)
2032724 - ET CURRENT_EVENTS Successful Paypal Phish M1 2016-12-05
(current_events.rules)
2032725 - ET CURRENT_EVENTS Possible Successful *.myjino. ru Phish
2016-12-16 (current_events.rules)
2032726 - ET CURRENT_EVENTS Successful PDF Online Phish 2016-12-19
(current_events.rules)
2032727 - ET CURRENT_EVENTS Successful Paypal (DE) Phish 2016-12-19
(current_events.rules)
2032728 - ET CURRENT_EVENTS Successful Etisalat Phish 2016-12-20
(current_events.rules)
2032729 - ET CURRENT_EVENTS Successful Dubai Islamic Internet Bank
Phish 2016-12-20 (current_events.rules)
2032730 - ET CURRENT_EVENTS Successful Google Drive Phish 2016-12-22
(current_events.rules)
2032731 - ET CURRENT_EVENTS Successful Sparkasse (DE) Phish
2016-12-22 (current_events.rules)
2032732 - ET CURRENT_EVENTS Possible Successful Outlook Web App
Phish 2016-12-28 (current_events.rules)
2032733 - ET CURRENT_EVENTS Successful Webmail Account Upgrade Phish
2016-12-27 (current_events.rules)
2032734 - ET CURRENT_EVENTS Successful Protected PDF (Excel
Template) Phish 2016-12-28 (current_events.rules)
2032735 - ET CURRENT_EVENTS Successful Ebay Phish M1 2016-12-29
(current_events.rules)
2032736 - ET CURRENT_EVENTS Successful Ebay Phish M2 2016-12-29
(current_events.rules)
2032737 - ET CURRENT_EVENTS Successful Wells Fargo Phish M1
2016-12-29 (current_events.rules)
2032738 - ET WEB_CLIENT Generic Webshell Accessed on External
Compromised Server (web_client.rules)
2032739 - ET WEB_SERVER Generic Webshell Accessed on Internal
Compromised Server (web_server.rules)
2032740 - ET WEB_CLIENT Generic Webshell Accessed on External
Compromised Server (web_client.rules)
2032741 - ET WEB_SERVER Generic Webshell Accessed on Internal
Compromised Server (web_server.rules)
2032742 - ET TROJAN Observed Win32.Raccoon Stealer CnC Domain
(tapewormorchestra .top in TLS SNI) (trojan.rules)
2032743 - ET TROJAN Observed Win32.Raccoon Stealer CnC Domain
(belochkaneprihoditodna .top in TLS SNI) (trojan.rules)
2032744 - ET INFO SSL/TLS Certificate Observed (OpenNIC Project API)
(info.rules)
2032745 - ET INFO HTTP Request for OpenNIC API GeoIP Request (info.rules)

Pro:

2848124 - ETPRO MOBILE_MALWARE Android/Agent.BQX (TLS SNI) 10
(mobile_malware.rules)
2848125 - ETPRO MOBILE_MALWARE Android/Agent.BQX (TLS SNI) 11
(mobile_malware.rules)
2848126 - ETPRO MOBILE_MALWARE Android/Agent.BQX (TLS SNI) 12
(mobile_malware.rules)
2848127 - ETPRO MOBILE_MALWARE Android/Agent.BQX (TLS SNI) 13
(mobile_malware.rules)
2848128 - ETPRO MOBILE_MALWARE Android/Agent.BQX (TLS SNI) 14
(mobile_malware.rules)
2848129 - ETPRO MOBILE_MALWARE Android/Agent.BQX (TLS SNI) 15
(mobile_malware.rules)
2848130 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-04-10 1) (trojan.rules)
2848131 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-04-10 2) (trojan.rules)
2848132 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-04-10 3) (trojan.rules)
2848133 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-04-10 4) (trojan.rules)
2848134 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-04-10 5) (trojan.rules)
2848135 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-04-10 6) (trojan.rules)
2848136 - ETPRO CURRENT_EVENTS Successful Empire National Bank Phish
2021-04-12 (current_events.rules)
2848137 - ETPRO CURRENT_EVENTS Successful Royal Bank of Scotland
Phish 2021-04-12 (current_events.rules)
2848138 - ETPRO CURRENT_EVENTS Successful Benefits BH Phish
2021-04-12 (current_events.rules)
2848139 - ETPRO CURRENT_EVENTS Successful Benefits BH Phish
2021-04-12 (current_events.rules)
2848140 - ETPRO CURRENT_EVENTS Successful Strato Webmail Phish
2021-04-12 (current_events.rules)
2848141 - ETPRO CURRENT_EVENTS Successful Ruralvia Phish 2021-04-12
(current_events.rules)
2848142 - ETPRO CURRENT_EVENTS Successful Sparkasse Phish 2021-04-12
(current_events.rules)
2848143 - ETPRO CURRENT_EVENTS Successful Sparkasse Phish 2021-04-12
(current_events.rules)
2848144 - ETPRO CURRENT_EVENTS Successful Microsoft Excel Phish
2021-04-12 (current_events.rules)
2848145 - ETPRO CURRENT_EVENTS Successful Orange FR Phish 2021-04-12
(current_events.rules)
2848146 - ETPRO CURRENT_EVENTS Successful Banco de la Nacion Phish
2021-04-12 (current_events.rules)
2848147 - ETPRO CURRENT_EVENTS Successful Chase Phish 2021-04-12
(current_events.rules)
2848148 - ETPRO TROJAN Possible BazaLoader OpenNIC Request (trojan.rules)
2848149 - ETPRO MALWARE Win32/VB.NBI Checkin (malware.rules)

[---] Removed rules: [---]

2815600 - ETPRO CURRENT_EVENTS DHL/Adobe/Excel Phishing Landing Jan
05 2016 (current_events.rules)
2815640 - ETPRO CURRENT_EVENTS Successful Dynamic Folder Phishing
Jan 6 (current_events.rules)
2815666 - ETPRO CURRENT_EVENTS Successful PNC Bank Phish Jan 8
(current_events.rules)
2815926 - ETPRO CURRENT_EVENTS Successful IRS Phish Jan 22 2016
(current_events.rules)
2816119 - ETPRO CURRENT_EVENTS Successful DHL Phish Feb 8 2016
(current_events.rules)
2816343 - ETPRO CURRENT_EVENTS Successful Dynamic Folder Phishing
Feb 23 2016 (current_events.rules)
2816347 - ETPRO CURRENT_EVENTS Successful Apple Phish Feb 22 M1 2016
(current_events.rules)
2816610 - ETPRO CURRENT_EVENTS Successful Adobe Phish Mar 10 2016
(current_events.rules)
2816733 - ETPRO CURRENT_EVENTS Successful Phish to Compromised
Wordpress Site Mar 23 2016 (current_events.rules)
2819809 - ETPRO WEB_CLIENT Redirect to Adobe Shared Document
Phishing M3 Apr 15 2016 (web_client.rules)
2820014 - ETPRO CURRENT_EVENTS Possible Successful SWF/XML Phish May
2 2016 (current_events.rules)
2820238 - ETPRO CURRENT_EVENTS Successful Onedrive Phish May 16 2016
(current_events.rules)
2820364 - ETPRO CURRENT_EVENTS Possible Successful Generic Phish
2016-05-26 (current_events.rules)
2820464 - ETPRO CURRENT_EVENTS Successful Email Login Phish Jun 2
(current_events.rules)
2820666 - ETPRO CURRENT_EVENTS Successful Yahoo Phish M1 Jun 15 2016
(current_events.rules)
2820803 - ETPRO CURRENT_EVENTS Possible Successful Generic Phish Jun
22 (current_events.rules)
2820831 - ETPRO CURRENT_EVENTS Successful Webmail Phish M1 Jun 22
2016 (current_events.rules)
2821031 - ETPRO CURRENT_EVENTS Successful Craigslist Phish Jul 11
2016 (current_events.rules)
2821163 - ETPRO CURRENT_EVENTS Successful Docusign/O365 Phish Jul 15
2016 (current_events.rules)
2821336 - ETPRO CURRENT_EVENTS Successful Personalized Email Phish
Jul 22 2016 (current_events.rules)
2821753 - ETPRO CURRENT_EVENTS Possible Successful Generic Phish Aug
16 2016 (current_events.rules)
2821761 - ETPRO CURRENT_EVENTS Successful Adobe Shared Document
Phish Aug 19 2016 (current_events.rules)
2821775 - ETPRO CURRENT_EVENTS Possible Successful Citibank Phish M1
Aug 22 2016 (current_events.rules)
2821776 - ETPRO CURRENT_EVENTS Possible Successful Citibank Phish M2
Aug 22 2016 (current_events.rules)
2821828 - ETPRO CURRENT_EVENTS Team IPwned Phishing Landing Aug 24
2016 (current_events.rules)
2821852 - ETPRO CURRENT_EVENTS Successful Google Drive Phish M2 Aug
25 2016 (current_events.rules)
2821920 - ETPRO CURRENT_EVENTS Successful Personalized Phish
(Multiple Brands) Aug 30 2016 (current_events.rules)
2821938 - ETPRO CURRENT_EVENTS Successful Bank of America Phish M2
Aug 31 2016 (current_events.rules)
2821942 - ETPRO CURRENT_EVENTS Successful Outlook Phish Aug 31 2016
(current_events.rules)
2822080 - ETPRO CURRENT_EVENTS Successful Dynamic Folder Phishing
Sept 12 2016 (current_events.rules)
2822235 - ETPRO CURRENT_EVENTS Successful Dynamic Folder Phishing M1
Sept 26 2016 (current_events.rules)
2822347 - ETPRO CURRENT_EVENTS Successful Adobe Shared Document
Phish Oct 3 2016 (current_events.rules)
2822380 - ETPRO CURRENT_EVENTS Successful Paypal Phish Oct 04 2016
(current_events.rules)
2822430 - ETPRO CURRENT_EVENTS Successful Paypal Phish M1 Oct 06
2016 (current_events.rules)
2822435 - ETPRO CURRENT_EVENTS Successful Paypal Phish M2 Oct 06
2016 (current_events.rules)
2822459 - ETPRO CURRENT_EVENTS Successful Dynamic Folder FreeMobile
(FR) Phishing Oct 07 2016 (current_events.rules)
2822466 - ETPRO CURRENT_EVENTS Successful Paypal Phish M1 Oct 06
2016 (current_events.rules)
2822471 - ETPRO CURRENT_EVENTS Successful Google Drive Phish Oct 06
2016 (current_events.rules)
2822483 - ETPRO CURRENT_EVENTS Possible Successful Generic Phish Oct
07 2016 (current_events.rules)
2822498 - ETPRO CURRENT_EVENTS Successful Chase Phish Oct 07 2016
(current_events.rules)
2822522 - ETPRO CURRENT_EVENTS Successful Dynamic Folder Phish Oct
10 2016 (current_events.rules)
2822570 - ETPRO CURRENT_EVENTS Successful Google Drive Phish Oct 11
2016 (current_events.rules)
2822647 - ETPRO CURRENT_EVENTS Successful Bank of America Phish Oct
14 2016 (current_events.rules)
2822753 - ETPRO CURRENT_EVENTS Successful Google Docs Phish M2 Oct
19 2016 (current_events.rules)
2822893 - ETPRO CURRENT_EVENTS Successful Dynamic Folder Phish Oct
26 2016 (current_events.rules)
2822941 - ETPRO CURRENT_EVENTS Successful Amazon Phish Oct 27 2016
(current_events.rules)
2822984 - ETPRO CURRENT_EVENTS Successful Generic Banking Phish Oct
28 2016 (current_events.rules)
2823266 - ETPRO CURRENT_EVENTS Successful Dynamic Folder Phish Nov
15 2016 (current_events.rules)
2823400 - ETPRO CURRENT_EVENTS Successful USAA Phish Nov 21 2016
(current_events.rules)
2823401 - ETPRO CURRENT_EVENTS Successful Dynamic Folder Phish Nov
21 M1 2016 (current_events.rules)
2823403 - ETPRO CURRENT_EVENTS Successful Dynamic Folder Phish Nov
21 M3 2016 (current_events.rules)
2823484 - ETPRO CURRENT_EVENTS Successful Ourtime.com Phish Nov 28
2016 (current_events.rules)
2823488 - ETPRO CURRENT_EVENTS Successful Dynamic Folder Phish Nov
28 2016 (current_events.rules)
2823496 - ETPRO CURRENT_EVENTS Successful Paypal Phish M1 Nov 29
2016 (current_events.rules)
2823497 - ETPRO CURRENT_EVENTS Successful Paypal Phish M2 Nov 29
2016 (current_events.rules)
2823517 - ETPRO CURRENT_EVENTS Successful Microsoft Live Email
Account Phish Nov 29 2016 (current_events.rules)
2823548 - ETPRO CURRENT_EVENTS Successful Generic Brand Phish Nov 30
2016 (current_events.rules)
2823574 - ETPRO CURRENT_EVENTS Successful National Australia Bank
Phish Dec 02 2016 (current_events.rules)
2823576 - ETPRO CURRENT_EVENTS Successful Google Drive Phish M1 Dec
02 2016 (current_events.rules)
2823577 - ETPRO CURRENT_EVENTS Successful Dynamic Folder Phish M1
Dec 02 2016 (current_events.rules)
2823578 - ETPRO CURRENT_EVENTS Successful Dynamic Folder Phish M2
Dec 02 2016 (current_events.rules)
2823579 - ETPRO CURRENT_EVENTS Successful Google Drive Phish M2 Dec
02 2016 (current_events.rules)
2823580 - ETPRO CURRENT_EVENTS Successful Three Step Gmail Phish (1
of 3) Dec 02 2016 (current_events.rules)
2823581 - ETPRO CURRENT_EVENTS Successful Three Step Gmail Phish (2
of 3) Phish Dec 02 2016 (current_events.rules)
2823582 - ETPRO CURRENT_EVENTS Successful Three Step Gmail Phish (3
of 3) Dec 02 2016 (current_events.rules)
2823639 - ETPRO CURRENT_EVENTS Successful Paypal Phish M1 Dec 05
2016 (current_events.rules)
2823640 - ETPRO CURRENT_EVENTS Successful Paypal Phish M2 Dec 05
2016 (current_events.rules)
2823656 - ETPRO CURRENT_EVENTS Successful Gmail Phish Dec 05 2016
(current_events.rules)
2823666 - ETPRO CURRENT_EVENTS Successful Google Drive Phish Dec 07
2016 (current_events.rules)
2823690 - ETPRO CURRENT_EVENTS Successful Yahoo Phish Dec 08 2016
(current_events.rules)
2823694 - ETPRO CURRENT_EVENTS Successful DHL Phish Dec 06 2016
(current_events.rules)
2823696 - ETPRO CURRENT_EVENTS Successful Facebook (TR) Phish Dec 06
2016 (current_events.rules)
2823740 - ETPRO CURRENT_EVENTS Successful Stripe Phish Dec 09 2016
(current_events.rules)
2823746 - ETPRO CURRENT_EVENTS Successful Linkedin Phish Dec 09 2016
(current_events.rules)
2823779 - ETPRO CURRENT_EVENTS Successful Spyus Phish (Multiple
Brands) M1 Dec 12 2016 (current_events.rules)
2823780 - ETPRO CURRENT_EVENTS Successful Spyus Phish (Multiple
Brands) M2 Dec 12 2016 (current_events.rules)
2823781 - ETPRO CURRENT_EVENTS Successful Ebay Phish Dec 12 2016
(current_events.rules)
2823813 - ETPRO CURRENT_EVENTS Successful Telstra Refund Phish Dec
13 2016 (current_events.rules)
2823814 - ETPRO CURRENT_EVENTS Successful iTunes Connect Phish M1
Dec 13 2016 (current_events.rules)
2823815 - ETPRO CURRENT_EVENTS Successful iTunes Connect Phish M2
Dec 13 2016 (current_events.rules)
2823816 - ETPRO CURRENT_EVENTS Successful iTunes Connect Phish M3
Dec 13 2016 (current_events.rules)
2823878 - ETPRO CURRENT_EVENTS Successful Discover Phish M2 Dec 14
2016 (current_events.rules)
2823879 - ETPRO CURRENT_EVENTS Successful Discover Phish M3 Dec 14
2016 (current_events.rules)
2823905 - ETPRO CURRENT_EVENTS Successful Tesco Bank Phish M1 Phish
Dec 15 2016 (current_events.rules)
2823934 - ETPRO CURRENT_EVENTS Possible Successful *.myjino. ru
Phish Dec 16 2016 (current_events.rules)
2823946 - ETPRO CURRENT_EVENTS Successful PDF Online Phish Dec 18
2016 (current_events.rules)
2823965 - ETPRO CURRENT_EVENTS Successful Paypal (DE) Phish Dec 19
2016 (current_events.rules)
2823967 - ETPRO CURRENT_EVENTS Successful Etisalat Phish Dec 20 2016
(current_events.rules)
2823973 - ETPRO CURRENT_EVENTS Successful Dubai Islamic Internet
Bank Phish Dec 20 2016 (current_events.rules)
2824019 - ETPRO CURRENT_EVENTS Successful Google Drive Phish Dec 22
2016 (current_events.rules)
2824021 - ETPRO CURRENT_EVENTS Successful Sparkasse (DE) Phish Dec
22 2016 (current_events.rules)
2824093 - ETPRO CURRENT_EVENTS Possible Successful Outlook Web App
Phish Dec 27 2016 (current_events.rules)
2824094 - ETPRO CURRENT_EVENTS Successful Webmail Account Upgrade
Phish Dec 27 2016 (current_events.rules)
2824096 - ETPRO CURRENT_EVENTS Successful Protected PDF (Excel
Template) Phish Dec 27 2016 (current_events.rules)
2824128 - ETPRO CURRENT_EVENTS Successful Ebay Phish M1 Dec 29 2016
(current_events.rules)
2824129 - ETPRO CURRENT_EVENTS Successful Ebay Phish M2 Dec 29 2016
(current_events.rules)
2824130 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish M1 Dec
29 2016 (current_events.rules)

James Emery-Callcott
Security Researcher | ProofPoint Inc | Emerging Threats Team

Date:

Monday, April 12, 2021

Summary title:

105 new OPEN, 131 new PRO (105 + 26) Raccoon Stealer, Android/Agent.BQX, BazaLoader, many PHISH signatures moved to OPEN, Others.