[***] Summary: [***]

1 new OPEN, 9 new PRO (1 + 8). BazarLoader, CoinMiners, Phishing, SmokeLoader

Thanks @ShadowChasing1, @twinwavesec

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++] Added rules: [+++]

Open:

2034342 - ET TROJAN Lazarus Related Maldoc Activity (trojan.rules)

Pro:

2850359 - ETPRO TROJAN Valyria Maldoc/BazarLoader Activity (GET) (trojan.rules)

2850360 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-11-04 1) (trojan.rules)

2850361 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-11-04 2) (trojan.rules)

2850364 - ETPRO TROJAN Suspected Inception Related Domain in DNS Lookup (trojan.rules)

2850365 - ETPRO TROJAN Maldoc Activity (GET) (trojan.rules)

2850366 - ETPRO CURRENT_EVENTS Successful Generic Phish 2021-11-04 (current_events.rules)

2850367 - ETPRO CURRENT_EVENTS Successful Generic Phish 2021-11-04 (current_events.rules)

2850368 - ETPRO MALWARE Observed SmokeLoader CnC Activity (malware.rules)

[///] Modified active rules: [///]

2837803 - ETPRO TROJAN ELF/AmendMiner CnC Activity (trojan.rules)

2848908 - ETPRO TROJAN Valyria Maldoc/BazarLoader Activity (GET) (trojan.rules)

[---] Removed rules: [---]

2848945 - ETPRO TROJAN Valyria Maldoc Activity (GET) (trojan.rules)