Daily Ruleset Update Summary 2022/01/06

[***] Summary: [***]

1 new OPEN, 29 new PRO (1 + 28). PurpleFox Backdoor, Valyria Maldoc, CoinMiners

Proofpoint is looking to hire a Product Manager to oversee the Emerging Threats products group. Interested? Check out the posting here<https://proofpoint.wd5.myworkdayjobs.com/ProofpointCareers/job/Sunnyval…;, and reach out with any questions.

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback.

[+++] Added rules: [+++]

Open:

2034859 - ET TROJAN PurpleFox Backdoor/Rootkit Download Request (trojan.rules)

Pro:

2850800 - ETPRO TROJAN Valyria Maldoc Activity (GET) (trojan.rules)

2850801 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2022-01-06 1) (trojan.rules)

2850802 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2022-01-06 2) (trojan.rules)

2850803 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2022-01-06 3) (trojan.rules)

2850804 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2022-01-06 4) (trojan.rules)

2850805 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2022-01-06 5) (trojan.rules)

2850806 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2022-01-06 6) (trojan.rules)

2850807 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2022-01-06 7) (trojan.rules)

2850808 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2022-01-06 8) (trojan.rules)

2850809 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2022-01-06 9) (trojan.rules)

2850810 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2022-01-06 10) (trojan.rules)

2850811 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2022-01-06 11) (trojan.rules)

2850812 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2022-01-06 12) (trojan.rules)

2850813 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2022-01-06 13) (trojan.rules)

2850814 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2022-01-06 14) (trojan.rules)

2850815 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2022-01-06 15) (trojan.rules)

2850816 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2022-01-06 16) (trojan.rules)

2850817 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2022-01-06 17) (trojan.rules)

2850818 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2022-01-06 18) (trojan.rules)

2850819 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2022-01-06 19) (trojan.rules)

2850820 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2022-01-06 20) (trojan.rules)

2850821 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2022-01-06 21) (trojan.rules)

2850822 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2022-01-06 22) (trojan.rules)

2850823 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2022-01-06 23) (trojan.rules)

2850824 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2022-01-06 24) (trojan.rules)

2850825 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2022-01-06 25) (trojan.rules)

2850826 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2022-01-06 26) (trojan.rules)

2850827 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2022-01-06 27) (trojan.rules)

[///] Modified active rules: [///]

2015953 - ET WEB_SERVER PIWIK Backdoored Version calls home (web_server.rules)

2022245 - ET TROJAN NetBackdoor User-Agent (.net backdoor) (trojan.rules)

2034856 - ET TROJAN PurpleFox Backdoor/Rootkit Download Server Response (trojan.rules)

Date:

Thursday, January 6, 2022

Summary title:

1 new OPEN, 29 new PRO (1 + 28). PurpleFox Backdoor, Valyria Maldoc, CoinMiners