[Emerging-updates] Daily Ruleset Update Summary 2017/05/10

Travis Green tgreen at emergingthreats.net
Wed May 10 18:38:19 EDT 2017


[***]            Summary:            [***]

20 new Pro. Loda Logger, Bingo Exploit Kit, Various Mobile, Various Phishing.


[+++]          Added rules:          [+++]

Pro:

 2826343 - ETPRO TROJAN XSLT/XML Raw Binary Executable Inbound (trojan.rules)
 2826344 - ETPRO TROJAN Loda Logger Executing Previously Downloaded File (trojan.rules)
 2826345 - ETPRO TROJAN Loda Logger Downloading Password Stealer (trojan.rules)
 2826346 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-05-09 2) (trojan.rules)
 2826347 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-05-09 3) (trojan.rules)
 2826348 - ETPRO TROJAN NetWireRAT Keep-Alive (set) (trojan.rules)
 2826349 - ETPRO TROJAN NetWireRAT Keep-Alive (trojan.rules)
 2826350 - ETPRO CURRENT_EVENTS Bingo Exploit Kit Landing May 08 2017 (current_events.rules)
 2826351 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-05-09 1) (trojan.rules)
 2826352 - ETPRO TROJAN Win32/Serpent Ransomware Debug Checkin (trojan.rules)
 2826353 - ETPRO CURRENT_EVENTS Successful Paypal Phish May 10 2017 (current_events.rules)
 2826354 - ETPRO TROJAN Loda Logger Read File Contents Request (trojan.rules)
 2826355 - ETPRO TROJAN Loda Logger List Pictures in UserProfile Request (trojan.rules)
 2826356 - ETPRO MOBILE_MALWARE Android BankBot Checkin 5 (mobile_malware.rules)
 2826357 - ETPRO TROJAN Loda Logger List Files Request (set) (trojan.rules)
 2826358 - ETPRO TROJAN Loda Logger List Files Request (trojan.rules)
 2826359 - ETPRO TROJAN Win32/Zegost.Ddos Checkin (trojan.rules)
 2826360 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 101 (mobile_malware.rules)
 2826361 - ETPRO TROJAN AZORult Variant.2 Checkin m3 (trojan.rules)
 2826362 - ETPRO MOBILE_MALWARE Android BankBot Checkin 6 (mobile_malware.rules)


[+++]  Enabled and modified rules:   [+++]

 2019344 - ET CURRENT_EVENTS FAKEIE Minimal Headers (flowbit set) (current_events.rules)
 2023197 - ET USER_AGENTS Microsoft Edge on Windows 10 SET (user_agents.rules)
 2800109 - ETPRO WEB_CLIENT Microsoft Excel Workspace xlw download (web_client.rules)


[///]     Modified active rules:     [///]

 2822117 - ETPRO TROJAN Loda Logger CnC Beacon Response (trojan.rules)
 2826166 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-04-28 7) (trojan.rules)
 2826206 - ETPRO TROJAN AZORult Variant.2 Checkin (trojan.rules)
 2826232 - ETPRO TROJAN AZORult Variant.2 Checkin m2 (trojan.rules)
 2826317 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 98 (mobile_malware.rules)
 2826318 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 99 (mobile_malware.rules)
 2826319 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 100 (mobile_malware.rules)


[---]         Disabled rules:        [---]

 2017126 - ET CURRENT_EVENTS FlimKit Landing July 10 2013 (current_events.rules)


-- 
PGP: 0xBED7B297
<https://pgp.mit.edu/pks/lookup?op=get&search=0x6B68453CBED7B297>