[Emerging-Sigs] Daily Ruleset Update Summary 2018/02/20

Travis Green tgreen at emergingthreats.net
Tue Feb 20 12:53:54 HST 2018


[***]            Summary:            [***]

3 new Open, 27 new Pro (3 + 24). Win32/FileTour Variant, MSIL/CTUA.Miner,
Coldroot RAT, Various Mobile, Various Phishing.


[+++]          Added rules:          [+++]

Open:

 2025371 - ET CURRENT_EVENTS Smartermail Phishing Landing 2018-02-20 (current_events.rules)
 2025372 - ET CURRENT_EVENTS USAA Phishing Landing 2018-02-20 (current_events.rules)
 2025373 - ET CURRENT_EVENTS Yahoo Phishing Landing 2018-02-20 (current_events.rules)

Pro:

 2829218 - ETPRO MALWARE Win32/FileTour Variant CnC Checkin (malware.rules)
 2829724 - ETPRO CURRENT_EVENTS Successful Apple Phish 2018-02-20 (current_events.rules)
 2829725 - ETPRO CURRENT_EVENTS Successful Apple Phish 2018-02-20 (current_events.rules)
 2829726 - ETPRO CURRENT_EVENTS Successful AT&T Phish 2018-02-20 (current_events.rules)
 2829727 - ETPRO MALWARE MSIL/Adware.Temonde Activity (malware.rules)
 2829728 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2018-02-20 (current_events.rules)
 2829729 - ETPRO CURRENT_EVENTS Successful Commonwealth Bank Phish 2018-02-20 (current_events.rules)
 2829730 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish 2018-02-20 (current_events.rules)
 2829731 - ETPRO CURRENT_EVENTS Successful Apple Phish 2018-02-20 (current_events.rules)
 2829732 - ETPRO TROJAN Shifr/Shurl0cker Ransomware CnC DNS Lookup (trojan.rules)
 2829733 - ETPRO TROJAN MSIL/CTUA.Miner Retrieving Config (trojan.rules)
 2829734 - ETPRO MALWARE Win32/FileTour Variant CnC Checkin (malware.rules)
 2829735 - ETPRO TROJAN Malicious PS/CoinMiner Domain Observed (mariadeabreu .cf in DNS Lookup) (trojan.rules)
 2829736 - ETPRO TROJAN Malicious PS/CoinMiner Domain Observed (mariadeabreu .cf in TLS SNI) (trojan.rules)
 2829737 - ETPRO TROJAN MSIL/CrabbMiner CnC Activity (trojan.rules)
 2829738 - ETPRO MOBILE_MALWARE Android/Coinminer.V Checkin (mobile_malware.rules)
 2829739 - ETPRO TROJAN Coldroot RAT CnC Checkin (trojan.rules)
 2829740 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-20 1) (trojan.rules)
 2829741 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-20 2) (trojan.rules)
 2829742 - ETPRO MOBILE_MALWARE Android Rootnik-AI Checkin (mobile_malware.rules)
 2829743 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-20 3) (trojan.rules)
 2829744 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-20 4) (trojan.rules)
 2829745 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-20 5) (trojan.rules)
 2829746 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-20 6) (trojan.rules)


[///]     Modified active rules:     [///]



[---]         Removed rules:         [---]

 2829218 - ETPRO TROJAN Win32/FileTour Variant CnC Checkin (trojan.rules)


-- 
PGP: 0xBED7B297
<https://pgp.mit.edu/pks/lookup?op=get&search=0x6B68453CBED7B297>