[Emerging-Sigs] Daily Ruleset Update Summary 2019/10/04

Jason Williams jwilliams at emergingthreats.net
Fri Oct 4 14:28:08 HDT 2019


[***]            Summary:            [***]

  2 new Open, 20 new Pro (2 + 18).  Nemours, Cookie Monster, Various Certs,
Various Phish.

  Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

 [+++]          Added rules:          [+++]

 Open:

  2028648 - ET TROJAN Nemours/Proyecto RAT CnC Checkin (trojan.rules)
  2028649 - ET WEB_CLIENT Observed DNS Query to Malicious Cookie Monster
Roulette JS Cookie Stealer Exfil Domain (web_client.rules)

 Pro:

  2838752 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.dh Reporting
Call Info (mobile_malware.rules)
  2838753 - ETPRO TROJAN Win32/Koadic CnC Checkin (trojan.rules)
  2838754 - ETPRO WEB_CLIENT Malicious Cookie Monster Roulette JS Cookie
Stealer Exfil (web_client.rules)
  2838755 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (Maldoc DL
2019-10-04) (current_events.rules)
  2838756 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (Evil Keitaro
TDS Redirection) (current_events.rules)
  2838757 - ETPRO TROJAN Observed Malicious SSL Cert (CobInt CnC)
(trojan.rules)
  2838758 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-10-03) (trojan.rules)
  2838759 - ETPRO CURRENT_EVENTS Successful CIBC Phish 2019-10-04
(current_events.rules)
  2838760 - ETPRO CURRENT_EVENTS Successful Tangerine Bank Phish 2019-10-04
(current_events.rules)
  2838761 - ETPRO CURRENT_EVENTS Successful Generic Banking Login Phish
2019-10-04 (current_events.rules)
  2838762 - ETPRO CURRENT_EVENTS Successful Ziraat Bankasi Phish 2019-10-04
(current_events.rules)
  2838763 - ETPRO CURRENT_EVENTS Successful ABSA Phish 2019-10-04
(current_events.rules)
  2838764 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-10-04 (current_events.rules)
  2838765 - ETPRO CURRENT_EVENTS Successful Fidelity Phish 2019-10-04
(current_events.rules)
  2838766 - ETPRO CURRENT_EVENTS Successful DHL Phish 2019-10-04
(current_events.rules)
  2838767 - ETPRO TROJAN Win32/Remcos RAT Checkin 191 (trojan.rules)
  2838768 - ETPRO TROJAN Win32/Remcos RAT Checkin 192 (trojan.rules)
  2838769 - ETPRO TROJAN Win32/Remcos RAT Checkin 193 (trojan.rules)

 [---]         Removed rules:         [---]

  2025018 - ET TROJAN Possible NanoCore C2 64B (trojan.rules)
  2833740 - ETPRO TROJAN Nemours RAT CnC Checkin (trojan.rules)
  2837947 - ETPRO TROJAN Koadic CnC Activity (trojan.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20191004/e3261ad7/attachment.html>


More information about the Emerging-sigs mailing list