[***] Summary: [***]

4 new OPEN, 18 new PRO (4 + 14). Trojan-Banker.AndroidOS.Sharkbot,
lu0bot Loader, Win32/Jase, TA406.

Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

We are hiring a Threat Detection Engineer!
https://proofpoint.wd5.myworkdayjobs.com/ProofpointCareers/job/Illinois…

[+++] Added rules: [+++]

Open:

2034514 - ET MOBILE_MALWARE Possible
Trojan-Banker.AndroidOS.Sharkbot Activity (DNS Lookup)
(mobile_malware.rules)
2034515 - ET MOBILE_MALWARE Possible
Trojan-Banker.AndroidOS.Sharkbot Activity (DNS Lookup) 2
(mobile_malware.rules)
2034516 - ET TROJAN lu0bot Loader HTTP Request M2 (trojan.rules)
2034517 - ET TROJAN lu0bot Loader HTTP Response M2 (trojan.rules)

Pro:

2850513 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Sharkbot
Checkin (mobile_malware.rules)
2850514 - ETPRO MOBILE_MALWARE Android Banker MasterFred Checkin
(mobile_malware.rules)
2850515 - ETPRO MOBILE_MALWARE Possible Android Banker MasterFred
Activity (DNS Lookup) (mobile_malware.rules)
2850516 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Sova.e
Checkin (mobile_malware.rules)
2850517 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Sova.e
Checkin 2 (mobile_malware.rules)
2850518 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.zp
Reporting SMS (mobile_malware.rules)
2850519 - ETPRO TROJAN Win32/Jase Activity (operations) (trojan.rules)
2850520 - ETPRO TROJAN Win32/Jase Activity (wsatom) (trojan.rules)
2850521 - ETPRO TROJAN Win32/Jase Activity (uddisoap) (trojan.rules)
2850522 - ETPRO TROJAN Win32/Jase Activity (inspection) (trojan.rules)
2850523 - ETPRO TROJAN Win32/Jase Checkin Activity (trojan.rules)
2850524 - ETPRO CURRENT_EVENTS Suspicious Download of FreePNGIMG
Hosted Microsoft Content (current_events.rules)
2850526 - ETPRO TROJAN TA406 CnC Beacon (trojan.rules)

[///] Modified active rules: [///]

2030231 - ET TROJAN SHLAYER CnC (trojan.rules)
2034468 - ET TROJAN Matanbuchus Loader CnC M3 (trojan.rules)