[***] Summary: [***]
5 new OPEN, 20 new PRO (5 + 15). MSIL/Agent.DNL, Win32/Malgent!MSR,
BazaLoader, Android/Clicker.PAG, Win32/Remcos, Coinminers.
Thanks: @fr0s7_
Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback
[+++] Added rules: [+++]
Open:
2033743 - ET TROJAN MSIL/Agent.DNL CnC Activity M1 (trojan.rules)
2033744 - ET TROJAN MSIL/Agent.DNL Server Response Task (whoami) (trojan.rules)
2033745 - ET INFO Base64 Encoded whoami in HTTP Server Response (info.rules)
2033746 - ET TROJAN Win32/Malgent!MSR Dropper Requesting Payload (trojan.rules)
2033747 - ET TROJAN Win32/Malgent!MSR User-Agent (trojan.rules)
Pro:
2849696 - ETPRO TROJAN Observed Malicious SSL Cert (BazaLoader CnC) (trojan.rules)
2849697 - ETPRO TROJAN BazaLoader Server Response (2021-08-18) (trojan.rules)
2849698 - ETPRO TROJAN BazaLoader CnC Activity M7 (trojan.rules)
2849699 - ETPRO MOBILE_MALWARE Android/Clicker.PAG Checkin (mobile_malware.rules)
2849700 - ETPRO MOBILE_MALWARE Android/Agent.BQX (TLS SNI) 181 (mobile_malware.rules)
2849701 - ETPRO MOBILE_MALWARE Android/Agent.BQX (TLS SNI) 182 (mobile_malware.rules)
2849702 - ETPRO MOBILE_MALWARE Android/Agent.BQX (TLS SNI) 183 (mobile_malware.rules)
2849703 - ETPRO MOBILE_MALWARE Android/Agent.BQX (TLS SNI) 184 (mobile_malware.rules)
2849704 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT) (trojan.rules)
2849705 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT) (trojan.rules)
2849706 - ETPRO MOBILE_MALWARE Android/Agent.BQX (TLS SNI) 185 (mobile_malware.rules)
2849707 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-08-19 1) (trojan.rules)
2849708 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-08-19 2) (trojan.rules)
2849709 - ETPRO TROJAN Win32/Remcos RAT Checkin 741 (trojan.rules)
2849710 - ETPRO TROJAN Win32/Remcos RAT Checkin 742 (trojan.rules)
[///] Modified active rules: [///]
2033279 - ET TROJAN BazaLoader Activity (GET) (trojan.rules)