[Emerging-Sigs] Daily Ruleset Update Summary 2019/08/12

Jack Mott jmott at emergingthreats.net
Mon Aug 12 13:57:27 HDT 2019


[***]            Summary:            [***]

1 new Open, 34 new Pro (1 + 34).  Win32/DarkRAT, Ursnif, Miners, Various
SSL/TLS, Various Phish.

Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

  2027860 - ET POLICY External IP Lookup getip.pw (policy.rules)

Pro:

  2837970 - ETPRO TROJAN Win32/DarkRAT CnC Activity (trojan.rules)
  2837971 - ETPRO TROJAN Win32/DarkRAT CnC Activity M2 (trojan.rules)
  2837972 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL
2019-08-12) (current_events.rules)
  2837973 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-08-12 1) (trojan.rules)
  2837974 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-08-12 2) (trojan.rules)
  2837975 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-08-12 3) (trojan.rules)
  2837976 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-08-12 4) (trojan.rules)
  2837977 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-08-12 5) (trojan.rules)
  2837978 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-08-12
(current_events.rules)
  2837979 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-08-12
(current_events.rules)
  2837980 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-08-12
(current_events.rules)
  2837981 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-08-12
(current_events.rules)
  2837982 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-08-12
(current_events.rules)
  2837983 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-08-12
(current_events.rules)
  2837984 - ETPRO CURRENT_EVENTS Successful Scotiabank Phish 2019-08-12
(current_events.rules)
  2837985 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-08-12
(current_events.rules)
  2837986 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-08-12
(current_events.rules)
  2837987 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-08-12
(current_events.rules)
  2837988 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-08-12
(current_events.rules)
  2837989 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-08-12 (current_events.rules)
  2837990 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2019-08-12 (current_events.rules)
  2837991 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-08-12
(current_events.rules)
  2837992 - ETPRO CURRENT_EVENTS Successful Adobe PDF Download Phish
2019-08-12 (current_events.rules)
  2837993 - ETPRO CURRENT_EVENTS Successful Manulife Bank Phish 2019-08-12
(current_events.rules)
  2837994 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-08-12 (current_events.rules)
  2837996 - ETPRO CURRENT_EVENTS Possible Suspicious Init JS Resource
Loaded (current_events.rules)
  2837999 - ETPRO MALWARE Win32/DriverPack Config Inbound (malware.rules)
  2838000 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC)
(trojan.rules)
  2838001 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC)
(trojan.rules)
  2838002 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC)
(trojan.rules)
  2838003 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC)
(trojan.rules)

[///]     Modified active rules:     [///]

  2815499 - ETPRO CURRENT_EVENTS Anonisma Paypal Phishing Uri Structure Dec
28 2015 (current_events.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20190812/e4a6442f/attachment.html>


More information about the Emerging-sigs mailing list