Daily Ruleset Update Summary
Daily Ruleset Update Summary 2021/06/28

[***] Summary: [***]

4 new OPEN, 25 new PRO (4 + 21). NightfallGT Mercurial Grabber,
APT-C-23, Kimsuky, AsyncRAT, MSIL/GoldMiner Stealer, Various Phish.

Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

[+++] Added rules: [+++]

Open:

2033197 - ET TROJAN NightfallGT Mercurial Grabber (trojan.rules)
2033198 - ET TROJAN APT-C-23 Activity (GET) (trojan.rules)
2033199 - ET TROJAN Kimsuky Related Activity (POST) (trojan.rules)
2033200 - ET TROJAN APT-C-23 Activity (POST) (trojan.rules)

Pro:

2849084 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT) (trojan.rules)
2849085 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT) (trojan.rules)
2849086 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT) (trojan.rules)
2849087 - ETPRO INFO ELF/Suspicious Shell Script Content Inbound (info.rules)
2849088 - ETPRO TROJAN MSIL/GoldMiner Stealer CnC Data Exfil (trojan.rules)
2849089 - ETPRO TROJAN MSIL/GoldMiner Stealer CnC Checkin (trojan.rules)
2849090 - ETPRO TROJAN Observed Malicious SSL/TLS Certificate
(Gumtree Scam Related - Staging CnC) (trojan.rules)
2849091 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-06-26 1) (trojan.rules)
2849092 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-06-26 2) (trojan.rules)
2849093 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-06-26 3) (trojan.rules)
2849094 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-06-26 4) (trojan.rules)
2849095 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-06-26 5) (trojan.rules)
2849096 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-06-26 6) (trojan.rules)
2849097 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-06-26 7) (trojan.rules)
2849098 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-06-26 8) (trojan.rules)
2849099 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-06-26 9) (trojan.rules)
2849100 - ETPRO TROJAN Win32.Raccoon Stealer - Telete Checkin M2
(trojan.rules)
2849101 - ETPRO CURRENT_EVENTS Successful Huntington Bank Phish
2021-06-28 (current_events.rules)
2849102 - ETPRO TROJAN Screenshots By Grishop Builder Exfil via
Discord (trojan.rules)
2849103 - ETPRO CURRENT_EVENTS Successful ADP Phish 2021-06-28
(current_events.rules)
2849104 - ETPRO CURRENT_EVENTS Successful Generic Phish 2021-06-28
(current_events.rules)

[///] Modified active rules: [///]

2033083 - ET TROJAN APT34 Related Activity (GET) (trojan.rules)
2033084 - ET TROJAN APT34 Related DNS Tunneling Activity (trojan.rules)

Date:
Summary title:
4 new OPEN, 25 new PRO (4 + 21). NightfallGT Mercurial Grabber, APT-C-23, Kimsuky, AsyncRAT, MSIL/GoldMiner Stealer, Various Phish.