[Emerging-Sigs] Daily Ruleset Update Summary 2019/04/15

Jason Williams jwilliams at emergingthreats.net
Mon Apr 15 14:13:27 HDT 2019


[***]            Summary:            [***]

5 new Open, 44 new Pro (5 + 39). RATChat, Baldr Stealer, Clouds DDoS,
Various Phishing, Mobile.

[+++]          Added rules:          [+++]

Open:

  2027197 - ET CURRENT_EVENTS Tech Support Scam Landing M1 2019-04-15
(current_events.rules)
  2027198 - ET CURRENT_EVENTS Tech Support Scam Landing M2 2019-04-15
(current_events.rules)
  2027199 - ET POLICY URL Shortener Service Domain in DNS Lookup
(policy.rules)
  2027200 - ET POLICY Observed SSL Cert (URL Shortener Service)
(policy.rules)
  2027201 - ET POLICY Explorer Shell CLSID COM Object Call Method Inbound
via TCP (policy.rules)

Pro:

  2835847 - ETPRO MOBILE_MALWARE AndroidOS/Trojan.OUOW-0 Checkin
(mobile_malware.rules)
  2835848 - ETPRO MOBILE_MALWARE Trojan.Android.FakeInst.dmhskz Checkin
(mobile_malware.rules)
  2835849 - ETPRO MOBILE_MALWARE Android/Agent.AOE!tr Checkin
(mobile_malware.rules)
  2835850 - ETPRO MOBILE_MALWARE Android/Agent.AOE!tr Checkin 2
(mobile_malware.rules)
  2835851 - ETPRO WEB_CLIENT VBScript Heap Overflow CVE-2019-0666
(web_client.rules)
  2835852 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-04-15 1) (trojan.rules)
  2835853 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-04-15 2) (trojan.rules)
  2835854 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-04-15 3) (trojan.rules)
  2835855 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-04-15 4) (trojan.rules)
  2835856 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-04-15 5) (trojan.rules)
  2835857 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-04-15 6) (trojan.rules)
  2835858 - ETPRO TROJAN Remcos RAT Checkin 98 (trojan.rules)
  2835859 - ETPRO TROJAN Baldr Stealer CnC Checkin (trojan.rules)
  2835860 - ETPRO TROJAN Win32/Clouds.DDoS CnC Checkin (trojan.rules)
  2835861 - ETPRO CURRENT_EVENTS Successful Google Account Phish 2019-04-15
(current_events.rules)
  2835862 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-04-15 (current_events.rules)
  2835863 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish
2019-04-15 (current_events.rules)
  2835864 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish
2019-04-15 (current_events.rules)
  2835865 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2019-04-15 (current_events.rules)
  2835866 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2019-04-15 (current_events.rules)
  2835867 - ETPRO CURRENT_EVENTS Successful OneDrive Phish 2019-04-15
(current_events.rules)
  2835868 - ETPRO CURRENT_EVENTS Successful OneDrive Phish 2019-04-15
(current_events.rules)
  2835869 - ETPRO CURRENT_EVENTS Successful Adobe Phish 2019-04-15
(current_events.rules)
  2835870 - ETPRO CURRENT_EVENTS Successful 1&1 Webmail Phish 2019-04-15
(current_events.rules)
  2835871 - ETPRO CURRENT_EVENTS Successful Spotify Phish 2019-04-15
(current_events.rules)
  2835872 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2019-04-15 (current_events.rules)
  2835873 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish
2019-04-15 (current_events.rules)
  2835874 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-04-15 (current_events.rules)
  2835875 - ETPRO CURRENT_EVENTS Successful Outlook Phish 2019-04-15
(current_events.rules)
  2835876 - ETPRO CURRENT_EVENTS Successful MyEE Phish 2019-04-15
(current_events.rules)
  2835877 - ETPRO CURRENT_EVENTS Successful Citi Phish 2019-04-15
(current_events.rules)
  2835878 - ETPRO CURRENT_EVENTS Successful Citi Phish 2019-04-15
(current_events.rules)
  2835879 - ETPRO CURRENT_EVENTS Successful Scotiabank Phish 2019-04-15
(current_events.rules)
  2835880 - ETPRO CURRENT_EVENTS Successful Capital One Phish 2019-04-15
(current_events.rules)
  2835881 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2019-04-15 (current_events.rules)
  2835882 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2019-04-15 (current_events.rules)
  2835883 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-04-15 (current_events.rules)
  2835884 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2019-04-15 (current_events.rules)
  2835885 - ETPRO TROJAN Win32/RATChat CnC Checkin (trojan.rules)