[Emerging-Sigs] Daily Ruleset Update Summary 2017/10/16
Travis Green
tgreen at emergingthreats.net
Mon Oct 16 17:38:51 EDT 2017
[***] Summary: [***]
5 new Open, 9 new Pro (5 + 9). Android/DoubleLocker.A, MSIL/CoalaBot,
Magniber Ransomware, Various Phishing.
Thanks: Adair John Collins, Shyaam Sundhar
[+++] Added rules: [+++]
Open:
2024843 - ET SCAN struts-pwn User-Agent (scan.rules)
2024844 - ET CURRENT_EVENTS Tech Support Phone Scam Landing M1 Oct 16 2016 (current_events.rules)
2024845 - ET CURRENT_EVENTS Tech Support Phone Scam Landing M2 Oct 16 2016 (current_events.rules)
2024846 - ET CURRENT_EVENTS Successful Paypal Phish Oct 16 2017 (current_events.rules)
2024847 - ET CURRENT_EVENTS Successful Paypal (FR) Phish Oct 16 2017 (current_events.rules)
Pro:
2828308 - ETPRO MOBILE_MALWARE Android/DoubleLocker.A CnC Beacon 2 (mobile_malware.rules)
2828310 - ETPRO MOBILE_MALWARE Android/DoubleLocker.A DNS Lookup (mobile_malware.rules)
2828312 - ETPRO TROJAN Unknown Maldoc POST to CnC (trojan.rules)
2828313 - ETPRO TROJAN MSIL/CoalaBot CnC Checkin M2 (trojan.rules)
2828314 - ETPRO TROJAN Magniber Ransomware Checkin 1 (trojan.rules)
2828315 - ETPRO TROJAN Magniber Ransomware Checkin 2 (trojan.rules)
2828316 - ETPRO TROJAN Orz JavaScript Backdoor Sending Password to CnC (trojan.rules)
2828317 - ETPRO TROJAN Orz JavaScript Backdoor Communicating with CnC (trojan.rules)
2828318 - ETPRO CURRENT_EVENTS Successful Apple GSX Phish Oct 16 2017 (current_events.rules)
[///] Modified active rules: [///]
2014726 - ET POLICY Outdated Flash Version M1 (policy.rules)
2024379 - ET POLICY Outdated Flash Version M2 (policy.rules)
2810628 - ETPRO TROJAN NanHaiShu JavaScript backdoor CnC Beacon M2 (b64 3) (trojan.rules)
2815494 - ETPRO CURRENT_EVENTS AES Crypto Observed in Javascript - Possible Phishing Landing M1 Dec 28 2015 (current_events.rules)
2815495 - ETPRO CURRENT_EVENTS Anonisma AES Crypto Observed in Javascript - Possible Phishing Landing M2 Dec 28 2015 (current_events.rules)
2827111 - ETPRO MOBILE_MALWARE Android/DoubleLocker.A CnC Beacon (mobile_malware.rules)
2828286 - ETPRO TROJAN Sage Ransomware Variant Checkin (trojan.rules)
--
PGP: 0xBED7B297
<https://pgp.mit.edu/pks/lookup?op=get&search=0x6B68453CBED7B297>