[***] Summary: [***]

5 new OPEN, 32 new PRO (5 + 27). Various Android, Phishing and Miners.

Thanks @malwrhunterteam

Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

[+++] Added rules: [+++]

Open:

2038629 - ET MOBILE_MALWARE Android Dropper Checkin Activity (POST)
(mobile_malware.rules)
2038630 - ET MALWARE Win32/Unknown CnC Activity (malware.rules)
2038631 - ET PHISHING Successful Generic Credential Theft 2022-08-26
(phishing.rules)
2038632 - ET PHISHING Successful Telstra Credential Theft 2022-08-26
(phishing.rules)
2038633 - ET PHISHING Successful Bank of America Credential Phish
2022-08-25 (phishing.rules)

Pro:

2852200 - ETPRO MOBILE_MALWARE Android/Spy.SideWinder.D CnC Domain
in DNS Lookup (mobile_malware.rules)
2852201 - ETPRO MOBILE_MALWARE Android/Spy.Banker.BNH Checkin
(mobile_malware.rules)
2852202 - ETPRO MOBILE_MALWARE Android/Spy.SmsSpy.SO CnC Domain in
DNS Lookup (mobile_malware.rules)
2852203 - ETPRO MOBILE_MALWARE Android.Spy.1030.origin CnC Domain in
DNS Lookup (mobile_malware.rules)
2852204 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.abo CnC
Domain in DNS Lookup (mobile_malware.rules)
2852205 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Piom.aiuj CnC Domain
in DNS Lookup (mobile_malware.rules)
2852206 - ETPRO MOBILE_MALWARE Android/Spy.Agent.BHC CnC Domain in
DNS Lookup (mobile_malware.rules)
2852207 - ETPRO MOBILE_MALWARE Android/Spy.Agent.BHC CnC Domain in
DNS Lookup (mobile_malware.rules)
2852208 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Ahmyth.pac CnC
Domain in DNS Lookup (mobile_malware.rules)
2852209 - ETPRO MOBILE_MALWARE Trojan-Dropper.AndroidOS.AgnSmit.g
CnC Domain in DNS Lookup (mobile_malware.rules)
2852210 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.zc CnC
Domain in DNS Lookup (mobile_malware.rules)
2852211 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.zc CnC
Domain in DNS Lookup (mobile_malware.rules)
2852212 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Vultur.a CnC
Domain in DNS Lookup (mobile_malware.rules)
2852213 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Agent.fr CnC
Domain in DNS Lookup (mobile_malware.rules)
2852214 - ETPRO MOBILE_MALWARE Android/Spy.Agent.BZC Checkin
(mobile_malware.rules)
2852215 - ETPRO MOBILE_MALWARE Android/Spy.Agent.BZC CnC Domain in
DNS Lookup (mobile_malware.rules)
2852216 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.pac CnC
Domain in DNS Lookup (mobile_malware.rules)
2852217 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.gr CnC
Domain in DNS Lookup (mobile_malware.rules)
2852218 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.gr CnC
Domain in DNS Lookup (mobile_malware.rules)
2852219 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.gr CnC
Domain in DNS Lookup (mobile_malware.rules)
2852220 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.gr CnC
Domain in DNS Lookup (mobile_malware.rules)
2852221 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.gr CnC
Domain in DNS Lookup (mobile_malware.rules)
2852222 - ETPRO MOBILE_MALWARE Android.Monitor.Agent.DR/TTSpy CnC
Domain in DNS Lookup (mobile_malware.rules)
2852223 - ETPRO COINMINER CoinMiner Known Malicious Stratum Authline
(2022-08-25 1) (coinminer.rules)
2852224 - ETPRO COINMINER CoinMiner Known Malicious Stratum Authline
(2022-08-25 2) (coinminer.rules)

[+++] Enabled and modified rules: [+++]

2808357 - ETPRO MOBILE_MALWARE Android/TelMan.A Checkin (mobile_malware.rules)

[///] Modified active rules: [///]

2845285 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.va Checkin
(mobile_malware.rules)
2845831 - ETPRO MOBILE_MALWARE Android Spy DraconianPin AddUser
(mobile_malware.rules)
