[Emerging-updates] Daily Ruleset Update Summary 2017/04/03

Travis Green tgreen at emergingthreats.net
Mon Apr 3 18:45:24 EDT 2017


[***]            Summary:            [***]

28 new Pro. CrimeScene/GhostAdmin/KeyTrap, Various Phishing, Various Android


 [+++]          Added rules:          [+++]

 Pro:

  2825699 - ETPRO TROJAN CrimeScene/GhostAdmin/KeyTrap CnC Checkin (trojan.rules)
  2825700 - ETPRO TROJAN CrimeScene/GhostAdmin/KeyTrap Sending Screenshot via HTTP (trojan.rules)
  2825701 - ETPRO CURRENT_EVENTS Adobe Nested Data URI Phishing Landing Apr 3 2017 (current_events.rules)
  2825702 - ETPRO CURRENT_EVENTS Successful Adobe Phish Apr 3 2017 (current_events.rules)
  2825703 - ETPRO TROJAN Bladabindi/njRat Variant CnC Checkin (trojan.rules)
  2825704 - ETPRO MOBILE_MALWARE Android/Spy.SmsSpy.IT Checkin (mobile_malware.rules)
  2825705 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-04-03 1) (trojan.rules)
  2825706 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-04-03 2) (trojan.rules)
  2825707 - ETPRO TROJAN Win32/Unknown.CN RAT Checkin (trojan.rules)
  2825708 - ETPRO TROJAN DNS Query to Cerber Domain (18nepv . top) (trojan.rules)
  2825709 - ETPRO TROJAN DNS Query to Cerber Domain (1cdqfv . top) (trojan.rules)
  2825710 - ETPRO TROJAN DNS Query to Cerber Domain (1a2xx3 . top) (trojan.rules)
  2825711 - ETPRO TROJAN DNS Query to Cerber Domain (1gzjuc . top) (trojan.rules)
  2825712 - ETPRO TROJAN DNS Query to Cerber Domain (1eeyaj . top) (trojan.rules)
  2825713 - ETPRO TROJAN DNS Query to Cerber Domain (1accfa . top) (trojan.rules)
  2825714 - ETPRO TROJAN DNS Query to Cerber Domain (13kn4l . top) (trojan.rules)
  2825715 - ETPRO TROJAN DNS Query to Cerber Domain (17yo2b . top) (trojan.rules)
  2825716 - ETPRO TROJAN DNS Query to Cerber Domain (1qjl23 . top) (trojan.rules)
  2825717 - ETPRO TROJAN DNS Query to Cerber Domain (14dr1s . top) (trojan.rules)
  2825718 - ETPRO TROJAN W32/Unknown Dropper Checkin (trojan.rules)
  2825719 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 2 (mobile_malware.rules)
  2825720 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 3 (mobile_malware.rules)
  2825721 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 4 (mobile_malware.rules)
  2825722 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 5 (mobile_malware.rules)
  2825723 - ETPRO TROJAN MSIL/Impice.A CnC Checkin (trojan.rules)
  2825724 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 6 (mobile_malware.rules)
  2825725 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 7 (mobile_malware.rules)
  2825726 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 8 (mobile_malware.rules)


 [///]     Modified active rules:     [///]

  2808199 - ETPRO MOBILE_MALWARE Android.Trojan.FakeInst.DZ Checkin (mobile_malware.rules)
  2808271 - ETPRO TROJAN BackDoor.Yebot Checkin (trojan.rules)
  2825567 - ETPRO TROJAN Possible Panda Banker DGA Lets Encrypt SSL Cert (trojan.rules)


-- 
PGP: 0xBED7B297
<https://pgp.mit.edu/pks/lookup?op=get&search=0x6B68453CBED7B297>