[***] Summary: [***]
0 new OPEN, 13 new PRO (0 + 13). VictoryGate, CoinMiners, Others.
For those of you attending Suricon - be sure to attend 'Making CENTS of
Malware Configurations' (Oct 21st, 11:45-12:30 (EDT)) by several members of
the Emerging Threats team!
If you were unable to attend in person, you can instead attend virtually,
more information here - https://suricon.net/virtual-attendance/
Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback
[+++] Added rules: [+++]
Pro:
2850249 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-10-19 1) (trojan.rules)
2850250 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-10-19 2) (trojan.rules)
2850251 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-10-19 3) (trojan.rules)
2850252 - ETPRO TROJAN Win32/Agent.AAGF CnC Checkin (trojan.rules)
2850253 - ETPRO TROJAN Win32/VictoryGate CnC Checkin (trojan.rules)
2850254 - ETPRO TROJAN Win32/VictoryGate Submitting Additional Info to CnC (trojan.rules)
2850255 - ETPRO TROJAN Win32/VictoryGate Requesting Miner Payload (trojan.rules)
[///] Modified active rules: [///]
2034209 - ET TROJAN Observed Malicious SSL/TLS Certificate (Jasper CnC) (trojan.rules)
2034210 - ET TROJAN Jasper URI Path Observed M1 (trojan.rules)
2034211 - ET TROJAN Jasper URI Path Observed M2 (trojan.rules)
---------------------------------------
James Emery-Callcott
Security Researcher | ProofPoint Inc | Emerging Threats Team