[Emerging-Sigs] Daily Ruleset Update Summary 2019/04/11
Travis Green
tgreen at emergingthreats.net
Fri Apr 12 13:51:34 HDT 2019
[***] Summary: [***]
3 new Open, 20 new Pro (3 + 17). DonotGroup, MSIL.Staem,
njRAT/Bladabindi Red Devil Variant, Various Phishing, Mobile.
Thanks: Kevin Ross
[+++] Added rules: [+++]
Open:
2027194 - ET EXPLOIT Unk.IoT IPCamera Exploit Attempt Inbound (exploit.rules)
2027195 - ET MOBILE_MALWARE Observed Malicious SSL Cert (DonotGroup Android CnC) (mobile_malware.rules)
2027196 - ET CURRENT_EVENTS Successful Generic Phish (set) 2019-04-12 (current_events.rules)
Pro:
2835830 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-04-12 1) (trojan.rules)
2835831 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-04-12 2) (trojan.rules)
2835832 - ETPRO CURRENT_EVENTS Evil JavaScript retrieved Apr 12 2019 (current_events.rules)
2835833 - ETPRO TROJAN Win32/Neshta.A Variant Coin-Miner Checkin (trojan.rules)
2835834 - ETPRO TROJAN MSIL.Staem PWS FTP Exfil (trojan.rules)
2835835 - ETPRO TROJAN njRAT/Bladabindi Red Devil Variant Command (sc) (trojan.rules)
2835836 - ETPRO TROJAN njRAT/Bladabindi Red Devil Variant Command (inf) (trojan.rules)
2835837 - ETPRO TROJAN njRAT/Bladabindi Red Devil Variant Sending Screenshot (trojan.rules)
2835838 - ETPRO TROJAN njRAT/Bladabindi Red Devil Variant CnC Checkin (trojan.rules)
2835839 - ETPRO TROJAN Crypt0L0cker DE Downloading Ransom Message (trojan.rules)
2835840 - ETPRO TROJAN IRC Generic Client Infected Message (trojan.rules)
2835841 - ETPRO CURRENT_EVENTS Successful PostFinance Phish 2019-04-12 (current_events.rules)
2835842 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-04-12 (current_events.rules)
2835843 - ETPRO CURRENT_EVENTS Successful Facebook Phish 2019-04-12 (current_events.rules)
2835844 - ETPRO CURRENT_EVENTS Successful ABN AMRO Phish 2019-04-12 (current_events.rules)
2835845 - ETPRO CURRENT_EVENTS Successful ABN AMRO Phish 2019-04-12 (current_events.rules)
2835846 - ETPRO CURRENT_EVENTS Successful Chalbhai Phish 2019-04-12 (current_events.rules)
[///] Modified active rules: [///]
2019980 - ET POLICY External IP Check myexternalip.com (policy.rules)
2831402 - ETPRO TROJAN MSIL/Predator The Thief CnC Checkin (trojan.rules)
2831995 - ETPRO TROJAN Win32/Predator The Thief Sending Data to CnC (trojan.rules)
--
PGP:
travisgreen.net/tgreen at emergingthreats.net.asc
travisgreen.net/travis at travisgreen.net.asc