[Emerging-updates] Daily Ruleset Update Summary 2017/05/04

Travis Green tgreen at emergingthreats.net
Thu May 4 17:20:44 EDT 2017


[***]            Summary:            [***]

15 new Open, 21 new Pro (15 + 6). Kazuar, Turla Snake OSX DNS Lookup,
Emotet, OzazaLocker, Various Mobile
Thanks: Kevin Ross, @MalwrHunterTeam

[+++]          Added rules:          [+++]

Open:

 2024270 - ET TROJAN Kazuar CnC Beacon (trojan.rules)
 2024271 - ET TROJAN Turla Snake OSX DNS Lookup (car-service .effers.com) (trojan.rules)
 2024272 - ET TROJAN W32.Geodo/Emotet Checkin (trojan.rules)
 2024273 - ET TROJAN SuperCMD CnC Beacon (trojan.rules)
 2024274 - ET TROJAN W32/Emotet CnC Beacon 1 (trojan.rules)
 2024275 - ET TROJAN W32/Emotet CnC Beacon 2 (trojan.rules)
 2024276 - ET TROJAN MSIL/OzazaLocker Ransomware CnC Checkin (trojan.rules)

Pro:

 2826248 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.mk Reporting via SMTP 2 (mobile_malware.rules)
 2826249 - ETPRO MOBILE_MALWARE Android ShadowTDS Response (mobile_malware.rules)
 2826250 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.mk Reporting via SMTP 2 (mobile_malware.rules)
 2826251 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.mk Reporting via SMTP 3 (mobile_malware.rules)
 2826252 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.dj Reporting via SMTP 2 (mobile_malware.rules)
 2826253 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ac SMS Exfil via SMTP 2 (mobile_malware.rules)


[///]     Modified active rules:     [///]

 2825135 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ac SMS Exfil via SMTP (mobile_malware.rules)


[---]         Removed rules:         [---]

 2823570 - ETPRO TROJAN W32.Geodo/Emotet Checkin (trojan.rules)

-- 
PGP: 0xBED7B297
<https://pgp.mit.edu/pks/lookup?op=get&search=0x6B68453CBED7B297>