[Emerging-updates] Daily Ruleset Update Summary 2017/02/27

Francis Trudeau ftrudeau at emergingthreats.net
Mon Feb 27 18:20:39 EST 2017


 [***] Summary: [***]

 2 new Open signatures, 23 new Pro (2 + 21).  RIG EK, Ursnif, Filecoder, Various Phishing.

 [+++]          Added rules:          [+++]

 Open:

  2024020 - ET CURRENT_EVENTS RIG EK URI Struct Feb 26 2017 (current_events.rules)
  2024021 - ET CURRENT_EVENTS RIG EK Landing Feb 26 2016 (current_events.rules)

 Pro:

  2825131 - ETPRO POLICY PUP/MiPony HTTP Request (policy.rules)
  2825132 - ETPRO TROJAN Win32/Unknown CnC Checkin (trojan.rules)
  2825133 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ac Contact Exfil via SMTP (mobile_malware.rules)
  2825134 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ac Contact Exfil via SMTP 2 (mobile_malware.rules)
  2825135 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ac SMS Exfil via SMTP 3 (mobile_malware.rules)
  2825136 - ETPRO CURRENT_EVENTS Successful BMO Phish Feb 24 2017 (current_events.rules)
  2825137 - ETPRO TROJAN VMDetector CnC Beacon (trojan.rules)
  2825138 - ETPRO MALWARE AdWare.NSIS.Dotdo.gen CnC Beacon (malware.rules)
  2825139 - ETPRO TROJAN Possible Ursnif Tor Module Download M2 (trojan.rules)
  2825140 - ETPRO TROJAN Possible Ursnif Tor Module Download M2 (trojan.rules)
  2825141 - ETPRO TROJAN Win32/Filecoder Ransomware Variant .onion Proxy Domain (trojan.rules)
  2825142 - ETPRO MOBILE_MALWARE AdWare.AndroidOS.Dowgin.d CnC Beacon (mobile_malware.rules)
  2825143 - ETPRO CURRENT_EVENTS Successful BMO Phish Feb 27 2017 (current_events.rules)
  2825144 - ETPRO CURRENT_EVENTS Successful RBC Royal Bank Phish Feb 27 2017 (current_events.rules)
  2825145 - ETPRO CURRENT_EVENTS Successful BMO Phish M2 Feb 27 2017 (current_events.rules)
  2825146 - ETPRO CURRENT_EVENTS Successful BMO Phish M3 Feb 27 2017 (current_events.rules)
  2825147 - ETPRO CURRENT_EVENTS Possible Sparkasse Bank Phishing Landing Feb 27 2017 (current_events.rules)
  2825148 - ETPRO CURRENT_EVENTS Successful 163.com Email Account Phish Feb 27 2017 (current_events.rules)
  2825149 - ETPRO CURRENT_EVENTS Dropbox Phishing Landing Feb 27 2017 (current_events.rules)
  2825150 - ETPRO CURRENT_EVENTS Multi Email Shared Document Phishing Landing Feb 27 2017 (current_events.rules)
  2825151 - ETPRO CURRENT_EVENTS Successful Bank of America Phish (set) Feb 27 2016 (current_events.rules)


 [///]     Modified active rules:     [///]

  2016922 - ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (trojan.rules)