[Emerging-Sigs] Daily Ruleset Update Summary 2019/08/20

Jack Mott jmott at emergingthreats.net
Tue Aug 20 14:16:07 HDT 2019


[***]            Summary:            [***]

1 new Open, 20 new Pro (1 + 19). BalkanDoor, AndroidOS/Trojan.QNXX-3,
Amadey, Coinminers, Various Phishing.

Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

  2027898 - ET TROJAN BalkanDoor CnC Checkin - Server Response (trojan.rules)

Pro:

  2836316 - ETPRO TROJAN Win32/Agent.ZJK User-Agent Observed (trojan.rules)
  2838088 - ETPRO MOBILE_MALWARE Android/TrojanDownloader.Agent.LV Checkin (mobile_malware.rules)
  2838089 - ETPRO MOBILE_MALWARE AndroidOS/Trojan.QNXX-3 Reporting App List (mobile_malware.rules)
  2838090 - ETPRO TROJAN Observed Malicious SSL Cert (CobInt Downloader) (trojan.rules)
  2838091 - ETPRO TROJAN Amadey CnC Activity (trojan.rules)
  2838092 - ETPRO TROJAN Observed Malicious SSL Cert (Cobalt Strike CnC) (trojan.rules)
  2838093 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-08-20 1) (trojan.rules)
  2838094 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-08-20 2) (trojan.rules)
  2838095 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-08-20 3) (trojan.rules)
  2838096 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-08-20 (current_events.rules)
  2838097 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-08-20 (current_events.rules)
  2838098 - ETPRO CURRENT_EVENTS Successful Banco do Brasil Phish 2019-08-20 (current_events.rules)
  2838099 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-08-20 (current_events.rules)
  2838100 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-08-20 (current_events.rules)
  2838101 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-08-20 (current_events.rules)
  2838102 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-08-20 (current_events.rules)
  2838103 - ETPRO CURRENT_EVENTS Successful IRS Phish 2019-08-20 (current_events.rules)
  2838104 - ETPRO CURRENT_EVENTS Successful Paypal DE Phish 2019-08-20 (current_events.rules)
  2838105 - ETPRO CURRENT_EVENTS SocEng Redirect Chain - Evil Keitaro Set-Cookie Inbound (506ef) (current_events.rules)

[///]     Modified active rules:     [///]

  2027221 - ET TROJAN Observed Malicious SSL Cert (Unattributed CnC) (trojan.rules)
  2827781 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-08-31 1) (trojan.rules)
  2835150 - ETPRO CURRENT_EVENTS SocEng Redirect Chain - Evil Keitaro Set-Cookie Inbound (9d5e3) (current_events.rules)