[Emerging-updates] Daily Ruleset Update Summary 2017/04/25

Travis Green tgreen at emergingthreats.net
Tue Apr 25 18:30:48 EDT 2017


[***]            Summary:            [***]

8 new Open, 21 new Pro (8 + 13). ARM Binary Downloaded via WGET, pyteHole
Ransomware, Various Phishing, Various Mobile

Thanks: Kevin Ross, @MalwrHunterTeam, @0x00_ach

[+++]          Added rules:          [+++]

Open:

 2024239 - ET TROJAN MSIL/Karmen Ransomware CnC Activity (trojan.rules)
 2024240 - ET INFO ARM File Requested via WGET (set) (info.rules)
 2024241 - ET TROJAN ARM Binary Downloaded via WGET Containing Suspicious Netcat Command - Possible IoT Malware (trojan.rules)
 2024242 - ET TROJAN ARM Binary Downloaded via WGET Containing GoAhead and Multiple Camera RCE 0Day Vulnerabilities (trojan.rules)
 2024243 - ET TROJAN ARM Binary Requested via WGET to Known IoT Malware Domain (trojan.rules)
 2024244 - ET TROJAN Known IoT Malware Domain (trojan.rules)
 2024245 - ET TROJAN Known IoT Malware Domain (trojan.rules)
 2024246 - ET TROJAN Observed Malicious SSL cert (pyteHole Ransomware) (trojan.rules)

Pro:

 2826098 - ETPRO MOBILE_MALWARE Android/Monitor.Drower.B SMS Exfil (mobile_malware.rules)
 2826099 - ETPRO TROJAN MSIL/Spy.Agent.AUE Checkin (trojan.rules)
 2826100 - ETPRO MOBILE_MALWARE Android.Adware.Wapsx.A CnC Beacon (mobile_malware.rules)
 2826101 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 81 (mobile_malware.rules)
 2826102 - ETPRO MOBILE_MALWARE Android.Trojan.Fjcon.D Checkin (mobile_malware.rules)
 2826103 - ETPRO MOBILE_MALWARE Android.Adware.Dowgin.gQAM Checkin (mobile_malware.rules)
 2826104 - ETPRO CURRENT_EVENTS Successful Mobile Banco do Brasil Phish Apr 25 2017 (current_events.rules)
 2826105 - ETPRO TROJAN Generic njRAT/Bladabindi CnC Activity (li) (trojan.rules)
 2826106 - ETPRO TROJAN Generic njRAT/Bladabindi CnC Activity (prof) (trojan.rules)
 2826107 - ETPRO TROJAN Generic njRAT/Bladabindi CnC Activity (infn) (trojan.rules)
 2826108 - ETPRO CURRENT_EVENTS Successful Dropbox Phish Apr 25 2017 (current_events.rules)
 2826109 - ETPRO CURRENT_EVENTS Successful OWA Phish Apr 25 2017 (current_events.rules)
 2826110 - ETPRO CURRENT_EVENTS Successful Snapchat Phish Apr 25 2017 (current_events.rules)


[///]     Modified active rules:     [///]

 2814860 - ETPRO TROJAN njRAT/Bladabindi CnC Callback (act) (trojan.rules)
 2819864 - ETPRO MOBILE_MALWARE AdWare.AndroidOS.Batmob.b Checkin (mobile_malware.rules)


[---]         Removed rules:         [---]

 2825462 - ETPRO TROJAN MSIL/Karmen Ransomware CnC Activity (trojan.rules)


-- 
PGP: 0xBED7B297
<https://pgp.mit.edu/pks/lookup?op=get&search=0x6B68453CBED7B297>