Daily Ruleset Update Summary
Daily Ruleset Update Summary 2021/06/18

[***] Summary: [***]

0 new OPEN, 11 new PRO (0 + 11). Trojan-Spy.AndroidOS.Agent.yq,
Rootkit, Phish.

Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

[+++] Added rules: [+++]

Pro:

2848996 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.yq Checkin
(mobile_malware.rules)
2848997 - ETPRO TROJAN Unk Rootkit Dropper CnC Checkin (trojan.rules)
2848998 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-06-17 1) (trojan.rules)
2848999 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-06-17 2) (trojan.rules)
2849000 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-06-17 3) (trojan.rules)
2849001 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-06-17 4) (trojan.rules)
2849002 - ETPRO TROJAN Unk Rootkit Receiving IP Redirect Config (trojan.rules)
2849003 - ETPRO POLICY N-able Software Activity (POST) (policy.rules)
2849004 - ETPRO CURRENT_EVENTS Successful Barclays Bank Phish
2021-06-18 (current_events.rules)
2849005 - ETPRO MALWARE DiskGenius Activity (GET) (malware.rules)
2849006 - ETPRO MALWARE KC Software DUMo Activity (GET) (malware.rules)

[///] Modified active rules: [///]

2008483 - ET TROJAN FakeAV Win32/Antivirus2008 CnC Beacon (trojan.rules)
2008958 - ET TROJAN Waledac Beacon Traffic Detected (trojan.rules)
2010700 - ET TROJAN Likely Koobface Beaconing (getexe) (trojan.rules)
2011269 - ET TROJAN Downloader.Win32.Small CnC Beacon (trojan.rules)
2011278 - ET TROJAN Trojan.Win32.Cosmu.xet CnC Beacon (trojan.rules)
2012303 - ET TROJAN Night Dragon CnC Beacon Outbound (trojan.rules)
2014112 - ET TROJAN Dooptroop CnC Beacon (trojan.rules)
2014636 - ET TROJAN FakeM RAT CnC Beacon (trojan.rules)
2016014 - ET TROJAN Win32/Trojan.Agent.AXMO CnC Beacon (trojan.rules)
2016050 - ET TROJAN W32.Daws/Sanny CnC Initial Beacon (trojan.rules)
2016125 - ET TROJAN W32/Downloader.FakeFlashPlayer Status.Php CnC
Beacon (trojan.rules)
2016139 - ET TROJAN Sakula/Mivast RAT CnC Beacon 1 (trojan.rules)
2016205 - ET TROJAN W32/Zemra.DDoS.Bot Variant CnC Beacon (trojan.rules)
2016206 - ET TROJAN W32/Iyus.H Initial CnC Beacon (trojan.rules)
2016273 - ET TROJAN W32/Bilakip.A Downloader API Ping CnC Beacon
(trojan.rules)
2016312 - ET TROJAN W32/DownloaderAgent.fajk Successful Infection
CnC Beacon (trojan.rules)
2016314 - ET TROJAN Linux/SSHDoor.A Reporting Backdoor CnC Beacon
(trojan.rules)
2016331 - ET TROJAN W32/Jabberbot.A Trednet XMPP CnC Beacon (trojan.rules)
2016342 - ET TROJAN W32/Beebus HTTP POST CnC Beacon (trojan.rules)
2016355 - ET TROJAN W32/ServStart.Variant CnC Beacon (trojan.rules)
2016399 - ET TROJAN W32/FloatingCloud.Banker CnC Beacon (trojan.rules)
2016456 - ET TROJAN WEBC2-KT3 Intial Connection Beacon APT1 Related
(trojan.rules)
2016457 - ET TROJAN WEBC2-KT3 Intial Connection Beacon Server
Response APT1 Related (trojan.rules)
2016513 - ET MOBILE_MALWARE Android/Smsilence.A Sending SMS Messages
CnC Beacon (mobile_malware.rules)
2016527 - ET TROJAN W32/Asprox php.dll.crp POST CnC Beacon (trojan.rules)
2016528 - ET TROJAN W32/Asprox CnC Beacon (trojan.rules)
2016529 - ET TROJAN W32/Asprox Passgrub POST CnC Beacon (trojan.rules)
2016533 - ET TROJAN W32/TrojanSpy.MSIL Fetch Time CnC Beacon (trojan.rules)
2016534 - ET TROJAN W32/TrojanSpy.MSIL Get New MAC CnC Beacon (trojan.rules)
2016535 - ET TROJAN W32/TrojanSpy.MSIL Set Done Day CnC Beacon (trojan.rules)
2016536 - ET TROJAN W32/TrojanSpy.MSIL Fetch Header CnC Beacon (trojan.rules)
2016546 - ET MALWARE W32/Eorezo.Adware CnC Beacon (malware.rules)
2016552 - ET TROJAN W32/Trustezeb.C CnC Beacon (trojan.rules)
2016568 - ET TROJAN W32/LetsGo.APT Sleep CnC Beacon (trojan.rules)
2016637 - ET TROJAN W32/GameThief Initial CnC Beacon (trojan.rules)

Date:
Summary title:
0 new OPEN, 11 new PRO (0 + 11). Trojan-Spy.AndroidOS.Agent.yq, Rootkit, Phish.