[***] Summary: [***]
5 new OPEN, 13 new PRO (5 + 8). MuddyWater,
Trojan-Banker.AndroidOS.Fakecalls, and Remcos.
Thanks @ShadowChasing1
Due to company holiday observations, there will be no signatures
released Friday, 12/31/2021 or Monday, 1/3/2022.
Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback
[+++] Added rules: [+++]
Open:
2034841 - ET GAMES Moonlight Hack Domain in DNS Lookup (games.rules)
2034842 - ET GAMES Moonlight Hack Domain in DNS Lookup (games.rules)
2034843 - ET GAMES Moonlight Hack Actvity (GET) (games.rules)
2034844 - ET TROJAN Suspected MuddyWater Related Maldoc Checkin M1 (trojan.rules)
2034845 - ET TROJAN Suspected MuddyWater Related CnC Activity (trojan.rules)
Pro:
2808924 - ETPRO INFO IP Check myexternalip.com (info.rules)
2850728 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Fakecalls.h Checkin (mobile_malware.rules)
2850729 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Fakecalls.h Checkin 2 (mobile_malware.rules)
2850730 - ETPRO MOBILE_MALWARE Android/Spy.Agent.BTN Checkin (mobile_malware.rules)
2850731 - ETPRO MALWARE Suspicious ShowMyPC Download (malware.rules)
2850732 - ETPRO TROJAN Win32/Remcos RAT Checkin 765 (trojan.rules)
2850733 - ETPRO CURRENT_EVENTS Successful Mountain America Credit Union Phish 2021-12-28 (current_events.rules)
2850734 - ETPRO CURRENT_EVENTS Successful Generic Phish 2021-12-28 (current_events.rules)
[///] Modified active rules: [///]
2810290 - ETPRO TROJAN NanoCore RAT Keepalive Response 1 (trojan.rules)
2810291 - ETPRO TROJAN NanoCore RAT Keepalive Response 2 (trojan.rules)
2837164 - ETPRO TROJAN MSIL/Agent.DPU RAT Reporting System Details (trojan.rules)
[---] Disabled and modified rules: [---]
2023029 - ET TROJAN RAMNIT.A M2 (trojan.rules)