Daily Ruleset Update Summary
Daily Ruleset Update Summary 2021/06/17

[***] Summary: [***]

3 new OPEN, 13 new PRO (3 + 10). Cobalt Strike, UNC2628, AsyncRAT,
Various Phish.

We are continuing to update rule metadata so there will be a large
number of modified rules in the daily summary in the coming weeks.

Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

[+++] Added rules: [+++]

Open:

2033148 - ET TROJAN Cobalt Strike Malleable C2 Profile
(extension.css) (trojan.rules)
2033149 - ET TROJAN UNC2628 BEACON Activity (GET) (trojan.rules)
2033151 - ET TROJAN UNC2628 Malicious MSHTA Activity (GET) (trojan.rules)

Pro:

2848986 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT) (trojan.rules)
2848987 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT) (trojan.rules)
2848988 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-06-17 1) (trojan.rules)
2848989 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-06-17 2) (trojan.rules)
2848990 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-06-17 3) (trojan.rules)
2848991 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-06-17 4) (trojan.rules)
2848992 - ETPRO CURRENT_EVENTS Successful Generic Phish 2021-06-17
(current_events.rules)
2848993 - ETPRO CURRENT_EVENTS Successful Quickbooks Phish
2021-06-17 (current_events.rules)
2848994 - ETPRO CURRENT_EVENTS Successful Generic Phish 2021-06-17
(current_events.rules)
2848995 - ETPRO CURRENT_EVENTS Successful Citizens Bank Phish
2021-06-17 (current_events.rules)

[///] Modified active rules: [///]

2021692 - ET CURRENT_EVENTS Possible Successful Generic Phish -
Credit Card (current_events.rules)
2021693 - ET CURRENT_EVENTS Possible Successful Generic Phish -
Three Security Questions (current_events.rules)
2024554 - ET CURRENT_EVENTS Possible Successful Generic Phish (set)
Feb 26 2016 (current_events.rules)
2024555 - ET CURRENT_EVENTS Possible Successful Generic Phish (set)
Feb 26 2016 (current_events.rules)
2024556 - ET CURRENT_EVENTS Possible Successful Generic Phish (set)
Feb 26 2016 (current_events.rules)
2024557 - ET CURRENT_EVENTS Possible Successful Generic Phish (set)
Jun 8 2016 (current_events.rules)
2024558 - ET CURRENT_EVENTS Possible Successful Generic Phish (set)
Jul 13 2016 (current_events.rules)
2024560 - ET CURRENT_EVENTS Possible Successful Generic Phish (set)
Aug 19 2016 (current_events.rules)
2024561 - ET CURRENT_EVENTS Possible Successful Generic Phish (set)
Sept 02 2016 (current_events.rules)
2024562 - ET CURRENT_EVENTS Possible Successful Generic Phish (set)
Oct 13 2016 (current_events.rules)
2024563 - ET CURRENT_EVENTS Possible Successful Generic Phish (set)
Oct 25 2016 (current_events.rules)
2024564 - ET CURRENT_EVENTS Possible Successful Generic Phish (set)
Oct 26 2016 (current_events.rules)
2024565 - ET CURRENT_EVENTS Possible Successful Generic Phish (set)
Nov 15 2016 (current_events.rules)
2024566 - ET CURRENT_EVENTS Possible Successful Generic Phish (set)
Nov 16 2016 (current_events.rules)
2024567 - ET CURRENT_EVENTS Possible Successful Generic Phish (set)
Nov 22 2016 (current_events.rules)
2024568 - ET CURRENT_EVENTS Possible Successful Generic Phish (set)
Dec 07 2016 (current_events.rules)
2024569 - ET CURRENT_EVENTS Possible Successful Generic Phish (set)
Dec 13 2016 (current_events.rules)
2024570 - ET CURRENT_EVENTS Possible Successful Generic Phish (set)
Dec 20 2016 (current_events.rules)
2024571 - ET CURRENT_EVENTS Possible Successful Generic Phish (set)
Dec 27 2016 (current_events.rules)
2024572 - ET CURRENT_EVENTS Possible Successful Generic Phish (set)
Jan 03 2017 (current_events.rules)
2024573 - ET CURRENT_EVENTS Possible Successful Generic Phish (set)
Jan 12 2017 (current_events.rules)

Date:
Summary title:
3 new OPEN, 13 new PRO (3 + 10). Cobalt Strike, UNC2628, AsyncRAT, Various Phish.