[Emerging-Sigs] Corrected: Daily Ruleset Update Summary 2019/04/12

Travis Green tgreen at emergingthreats.net
Fri Apr 12 14:41:31 HDT 2019


On Fri, Apr 12, 2019 at 4:51 PM Travis Green <tgreen at emergingthreats.net> wrote:
>
> [***]            Summary:            [***]
>
> 3 new Open, 20 new Pro (3 + 17). DonotGroup, MSIL.Staem,
> njRAT/Bladabindi Red Devil Variant, Various Phishing, Mobile.
>
> Thanks: Kevin Ross
>
>
> [+++]          Added rules:          [+++]
>
> Open:
>
> 2027194 - ET EXPLOIT Unk.IoT IPCamera Exploit Attempt Inbound (exploit.rules)
> 2027195 - ET MOBILE_MALWARE Observed Malicious SSL Cert (DonotGroup
> Android CnC) (mobile_malware.rules)
> 2027196 - ET CURRENT_EVENTS Successful Generic Phish (set) 2019-04-12
> (current_events.rules)
>
> Pro:
>
> 2835830 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
> (2019-04-12 1) (trojan.rules)
> 2835831 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
> (2019-04-12 2) (trojan.rules)
> 2835832 - ETPRO CURRENT_EVENTS Evil JavaScript retrieved Apr 12 2019
> (current_events.rules)
> 2835833 - ETPRO TROJAN Win32/Neshta.A Variant Coin-Miner Checkin (trojan.rules)
> 2835834 - ETPRO TROJAN MSIL.Staem PWS FTP Exfil (trojan.rules)
> 2835835 - ETPRO TROJAN njRAT/Bladabindi Red Devil Variant Command (sc)
> (trojan.rules)
> 2835836 - ETPRO TROJAN njRAT/Bladabindi Red Devil Variant Command
> (inf) (trojan.rules)
> 2835837 - ETPRO TROJAN njRAT/Bladabindi Red Devil Variant Sending
> Screenshot (trojan.rules)
> 2835838 - ETPRO TROJAN njRAT/Bladabindi Red Devil Variant CnC Checkin
> (trojan.rules)
> 2835839 - ETPRO TROJAN Crypt0L0cker DE Downloading Ransom Message (trojan.rules)
> 2835840 - ETPRO TROJAN IRC Generic Client Infected Message (trojan.rules)
> 2835841 - ETPRO CURRENT_EVENTS Successful PostFinance Phish 2019-04-12
> (current_events.rules)
> 2835842 - ETPRO CURRENT_EVENTS Successful Generic Credit Card
> Information Phish 2019-04-12 (current_events.rules)
> 2835843 - ETPRO CURRENT_EVENTS Successful Facebook Phish 2019-04-12
> (current_events.rules)
> 2835844 - ETPRO CURRENT_EVENTS Successful ABN AMRO Phish 2019-04-12
> (current_events.rules)
> 2835845 - ETPRO CURRENT_EVENTS Successful ABN AMRO Phish 2019-04-12
> (current_events.rules)
> 2835846 - ETPRO CURRENT_EVENTS Successful Chalbhai Phish 2019-04-12
> (current_events.rules)
>
>
> [///]     Modified active rules:     [///]
>
> 2019980 - ET POLICY External IP Check myexternalip.com (policy.rules)
> 2831402 - ETPRO TROJAN MSIL/Predator The Thief CnC Checkin (trojan.rules)
> 2831995 - ETPRO TROJAN Win32/Predator The Thief Sending Data to CnC
> (trojan.rules)
>
>
> --
> PGP:
> travisgreen.net/tgreen at emergingthreats.net.asc
> travisgreen.net/travis at travisgreen.net.asc



--
PGP:
travisgreen.net/tgreen at emergingthreats.net.asc
travisgreen.net/travis at travisgreen.net.asc

