Daily Ruleset Update Summary
Daily Ruleset Update Summary 2021/06/21

[***] Summary: [***]

3 new OPEN, 15 new PRO (3 + 12) Gelsemium, AsyncRAT, Matanbuchus, and Remcos

Thanks @ShadowChasing1

Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

[+++] Added rules: [+++]

Open:

2033152 - ET TROJAN Observed Malicious SSL Cert (Gelsemium CnC) (trojan.rules)
2033153 - ET TROJAN APT Operation Sidecopy lnk Activity (GET) (trojan.rules)
2033154 - ET TROJAN Matanbuchus CnC Domain in DNS Lookup (eonsabode
.at) (trojan.rules)

Pro:

2849007 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT) (trojan.rules)
2849008 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT) (trojan.rules)
2849009 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-06-19 1) (trojan.rules)
2849010 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-06-19 2) (trojan.rules)
2849011 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-06-19 3) (trojan.rules)
2849012 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-06-19 4) (trojan.rules)
2849013 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-06-19 5) (trojan.rules)
2849014 - ETPRO TROJAN Win32/Remcos RAT Checkin 725 (trojan.rules)
2849015 - ETPRO TROJAN Win32/Remcos RAT Checkin 726 (trojan.rules)
2849016 - ETPRO TROJAN Win32/Remcos RAT Checkin 727 (trojan.rules)
2849017 - ETPRO MALWARE Screenpresso Activity (GET) (malware.rules)
2849018 - ETPRO CURRENT_EVENTS Generic Credential Phish 2021-06-21
(current_events.rules)

Date:
Summary title:
3 new OPEN, 15 new PRO (3 + 12) Gelsemium, AsyncRAT, Matanbuchus, and Remcos