[Emerging-updates] Daily Ruleset Update Summary 2017/07/28

Travis Green tgreen at emergingthreats.net
Fri Jul 28 17:31:38 EDT 2017


[***]            Summary:            [***]

4 new Open, 25 new Pro (4 + 21). ISMAgent, Phishery Phishing Tool,
Android/Spy.Lipizzan.A.


[+++]          Added rules:          [+++]

Open:

 2024502 - ET TROJAN ISMAgent CnC Checkin 1 (trojan.rules)
 2024503 - ET TROJAN ISMAgent Receiving Commands from CnC Server (trojan.rules)
 2024504 - ET TROJAN ISMAgent DNS Tunneling (microsoft-publisher . com) (trojan.rules)
 2024505 - ET INFO Phishery Phishing Tool - Default SSL Certificate Observed (info.rules)

Pro:

 2827329 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup (mobile_malware.rules)
 2827330 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 2 (mobile_malware.rules)
 2827331 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 3 (mobile_malware.rules)
 2827332 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 4 (mobile_malware.rules)
 2827333 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 5 (mobile_malware.rules)
 2827334 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 6 (mobile_malware.rules)
 2827335 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 7 (mobile_malware.rules)
 2827336 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 8 (mobile_malware.rules)
 2827337 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 9 (mobile_malware.rules)
 2827338 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 10 (mobile_malware.rules)
 2827339 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 11 (mobile_malware.rules)
 2827340 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 12 (mobile_malware.rules)
 2827341 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 13 (mobile_malware.rules)
 2827342 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 14 (mobile_malware.rules)
 2827343 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 15 (mobile_malware.rules)
 2827344 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 16 (mobile_malware.rules)
 2827345 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 17 (mobile_malware.rules)
 2827346 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 18 (mobile_malware.rules)
 2827347 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 19 (mobile_malware.rules)
 2827348 - ETPRO TROJAN Nemesis Ransomware Onion Domain (trojan.rules)
 2827349 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 193 (mobile_malware.rules)


[///]     Modified active rules:     [///]

 2024285 - ET TROJAN OSX/Proton.B Domain in SNI (trojan.rules)
 2816718 - ETPRO TROJAN NanoCore RAT Keep-Alive Beacon (trojan.rules)
 2824274 - ETPRO TROJAN Zeus Panda Injects Domain in SNI (trojan.rules)
 2826368 - ETPRO MOBILE_MALWARE Android.Trojan.InfoStealer.JZ SMS/Contact Exfil (mobile_malware.rules)


[---]         Disabled rules:        [---]

 2805669 - ETPRO TROJAN TROJ_DLOADER.ANP Checkin (trojan.rules)
 2826698 - ETPRO TROJAN Win32/Jeefo.B Domain in SNI (trojan.rules)


-- 
PGP: 0xBED7B297
<https://pgp.mit.edu/pks/lookup?op=get&search=0x6B68453CBED7B297>