[***] Summary: [***]
8 new OPEN, 32 new PRO (8 + 24). Win32/Unk.Lebov Stealer, Various
Webcrawler UAs, DodgerBlue Stealer, DonotGroup, Various Coinminers, Android
SMSreg-CHX, Various PHISH.
Thanks: @james_inthe_box, @ShadowChasing1
Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback
[+++] Added rules: [+++]
Open:
2033163 - ET TROJAN Win32/Unk.Lebov Stealer CnC Exfil (trojan.rules)
2033164 - ET POLICY Ask Webcrawler User-Agent (policy.rules)
2033165 - ET SCAN Exabot Webcrawler User Agent (scan.rules)
2033166 - ET SCAN AOL Webcrawler User-Agent (scan.rules)
2033167 - ET TROJAN DodgerBlue Stealer Exfil (SMTP) (trojan.rules)
2033168 - ET MALWARE Win32/TrojanClicker Variant Activity (GET) (malware.rules)
2033169 - ET TROJAN DonotGroup Maldoc Activity (GET) (trojan.rules)
2033170 - ET TROJAN Maldoc Downloading from Dropbox via API (trojan.rules)
Pro:
2849037 - ETPRO CURRENT_EVENTS Successful Outlook Phish 2021-06-22 (current_events.rules)
2849039 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT) (trojan.rules)
2849040 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-06-23 1) (trojan.rules)
2849041 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-06-23 2) (trojan.rules)
2849042 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-06-23 3) (trojan.rules)
2849043 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-06-23 4) (trojan.rules)
2849044 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-06-23 5) (trojan.rules)
2849045 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-06-23 6) (trojan.rules)
2849046 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-06-23 7) (trojan.rules)
2849047 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-06-23 8) (trojan.rules)
2849048 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-06-23 9) (trojan.rules)
2849049 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-06-23 10) (trojan.rules)
2849050 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-06-23 11) (trojan.rules)
2849051 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-06-23 12) (trojan.rules)
2849052 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-06-23 13) (trojan.rules)
2849053 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-06-23 14) (trojan.rules)
2849054 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-06-23 15) (trojan.rules)
2849055 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-06-23 16) (trojan.rules)
2849056 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-06-23 17) (trojan.rules)
2849057 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-06-23 18) (trojan.rules)
2849058 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-06-23 19) (trojan.rules)
2849059 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-06-23 20) (trojan.rules)
2849060 - ETPRO MALWARE Android SMSreg-CHX (POST) (malware.rules)
2849061 - ETPRO CURRENT_EVENTS Successful Generic Phish 2021-06-23 (current_events.rules)
[///] Modified active rules: [///]
2849033 - ETPRO TROJAN Unk Rootkit CnC Activity M1 (trojan.rules)
[---] Removed rules: [---]
2849037 - ETPRO ACTIVEX Successful Outlook Phish 2021-06-22 (activex.rules)