[Emerging-updates] Daily Ruleset Update Summary 2017/07/05

Travis Green tgreen at emergingthreats.net
Wed Jul 5 17:14:12 EDT 2017


[***]            Summary:            [***]

3 new Open, 28 new Pro (3 + 25). Win32/Banload, Various Phishing, Various
Mobile.

Thanks: @lowson

[+++]          Added rules:          [+++]

Open:

 2024441 - ET TROJAN Unknown CnC (trojan.rules)
 2024442 - ET TROJAN Unknown CnC Response (trojan.rules)
 2024443 - ET TROJAN Possible Win32/Petya Conn Check (trojan.rules)

Pro:

 2826980 - ETPRO TROJAN MSIL/Unknown CnC Reporting Infection (trojan.rules)
 2826981 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin
164 (mobile_malware.rules)
 2826982 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin
165 (mobile_malware.rules)
 2826983 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin
166 (mobile_malware.rules)
 2826984 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin
167 (mobile_malware.rules)
 2826985 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin
168 (mobile_malware.rules)
 2826986 - ETPRO CURRENT_EVENTS Successful First Citizens Bank Phish Jul 05
2017 (current_events.rules)
 2826987 - ETPRO CURRENT_EVENTS Successful Chase Mobile Phish M1 Jul 5 2017
(current_events.rules)
 2826988 - ETPRO CURRENT_EVENTS Successful Chase Mobile Phish M2 Jul 05
2017 (current_events.rules)
 2826989 - ETPRO CURRENT_EVENTS Chase Mobile Phishing Landing M1
(current_events.rules)
 2826990 - ETPRO CURRENT_EVENTS Chase Mobile Phishing Landing M2
(current_events.rules)
 2826991 - ETPRO TROJAN Win32/Unknown CnC Activity (trojan.rules)
 2826992 - ETPRO CURRENT_EVENTS Successful ADP Phish Jul 05 2017
(current_events.rules)
 2826993 - ETPRO CURRENT_EVENTS Successful Outlook Webmail Account Phish
Jul 05 2017 (current_events.rules)
 2826994 - ETPRO MOBILE_MALWARE Android/Rootnik.BV Checkin
(mobile_malware.rules)
 2826995 - ETPRO MALWARE PUA Win32/SlimCleaner Checkin (malware.rules)
 2826996 - ETPRO CURRENT_EVENTS Successful Paypal Phish Jul 05 2017
(current_events.rules)
 2826997 - ETPRO TROJAN Win32/Banload Downloader Checkin (trojan.rules)
 2826998 - ETPRO CURRENT_EVENTS Successful IRS Phish Jul 05 2017
(current_events.rules)
 2826999 - ETPRO TROJAN Win32/Neshta.A DNS Lookup (trojan.rules)
 2827000 - ETPRO CURRENT_EVENTS Successful Paypal Phish (Confirm Address)
Jul 05 2017 (current_events.rules)
 2827001 - ETPRO CURRENT_EVENTS Successful Paypal VBV Phish Jul 05 2017
(current_events.rules)
 2827002 - ETPRO CURRENT_EVENTS Successful Paypal Phish (Bank Login) Jul 05
2017 (current_events.rules)
 2827003 - ETPRO CURRENT_EVENTS Paypal Phishing Landing M1 Jul 05 2017
(current_events.rules)
 2827004 - ETPRO CURRENT_EVENTS Paypal Phishing Landing M2 Jul 05 2017
(current_events.rules)


[///]     Modified active rules:     [///]

 2812980 - ETPRO MOBILE_MALWARE Android.Trojan.Damruved.A Checkin
(mobile_malware.rules)
 2825252 - ETPRO CURRENT_EVENTS Successful Paypal Phish M1 Mar 07 2017
(current_events.rules)
 2826931 - ETPRO TROJAN Idicaf CnC Beacon (trojan.rules)


[---]         Disabled rules:        [---]

 2812836 - ETPRO CURRENT_EVENTS Successful Outlook Webmail Account Phish
Sept 1 M1 (current_events.rules)
 2816904 - ETPRO CURRENT_EVENTS Successful OWA Phish Apr 4
(current_events.rules)
 2823273 - ETPRO CURRENT_EVENTS Successful OWA Phish Nov 15 2016
(current_events.rules)
 2825168 - ETPRO CURRENT_EVENTS Successful OWA Phish Mar 1 2017
(current_events.rules)


-- 
PGP: 0xBED7B297
<https://pgp.mit.edu/pks/lookup?op=get&search=0x6B68453CBED7B297>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20170705/73b93520/attachment.html>


More information about the Emerging-updates mailing list