[Emerging-updates] Daily Ruleset Update Summary 2017/05/23

Travis Green tgreen at emergingthreats.net
Tue May 23 18:17:40 EDT 2017


[***]            Summary:            [***]

1 new Open, 28 new Pro (1 + 27). PyCL/Fatboy Ransomware, Various MalDoc,
Various Mobile, Various Phishing.


[+++]          Added rules:          [+++]

Open:
 2024325 - ET TROJAN MalDoc Retrieving Payload May 23 2017 2 (trojan.rules)

Pro:
 2826465 - ETPRO CURRENT_EVENTS Successful Chase Phish May 22 M1 2017
(current_events.rules)
 2826466 - ETPRO CURRENT_EVENTS Successful Chase Phish May 22 M2 2017
(current_events.rules)
 2826467 - ETPRO CURRENT_EVENTS Successful Made in China Phish May 22 2017
(current_events.rules)
 2826468 - ETPRO TROJAN PyCL/Fatboy CnC .onion domain observed
(3khfaxau73df3p3t) (trojan.rules)
 2826469 - ETPRO TROJAN PyCL/Fatboy Ransomware External IP Check
(trojan.rules)
 2826470 - ETPRO POLICY External IP Address Lookup (monip .org)
(policy.rules)
 2826471 - ETPRO CURRENT_EVENTS Successful TCF Bank Phish May 22 2017
(current_events.rules)
 2826472 - ETPRO CURRENT_EVENTS Successful Google Antispam Phish (RU) May
22 2017 (current_events.rules)
 2826473 - ETPRO CURRENT_EVENTS Successful Facebook Phish May 22 2017
(current_events.rules)
 2826474 - ETPRO CURRENT_EVENTS Successful Santander Phish May 22 2017
(current_events.rules)
 2826475 - ETPRO CURRENT_EVENTS Successful Banco do Brasil Phish May 22
2017 (current_events.rules)
 2826476 - ETPRO CURRENT_EVENTS Successful Dropbox Phish May 22 2017
(current_events.rules)
 2826477 - ETPRO CURRENT_EVENTS Successful Dropbox Phish May 23 2017
(current_events.rules)
 2826478 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin
129 (mobile_malware.rules)
 2826479 - ETPRO MOBILE_MALWARE Android.Trojan.Agent.GE Checkin
(mobile_malware.rules)
 2826480 - ETPRO MOBILE_MALWARE Android.Trojan.Dropper.OC Checkin
(mobile_malware.rules)
 2826481 - ETPRO MOBILE_MALWARE Android.Trojan.Dropper.OC CnC Beacon
(mobile_malware.rules)
 2826482 - ETPRO MOBILE_MALWARE RiskTool.AndroidOS.SMSreg.mh Checkin
(mobile_malware.rules)
 2826483 - ETPRO CURRENT_EVENTS Successful Office 365 Phish May 23 2017
(current_events.rules)
 2826484 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.hh SMS Exfil
(mobile_malware.rules)
 2826485 - ETPRO TROJAN RTM Banker CnC M3 (trojan.rules)
 2826486 - ETPRO TROJAN RTM Banker TCP Domain Lookup (trojan.rules)
 2826487 - ETPRO TROJAN Trojan-Banker.Win32.Banbra .pac Download Request
(trojan.rules)
 2826488 - ETPRO TROJAN Trojan.Win32.ServStart File Download (trojan.rules)
 2826489 - ETPRO CURRENT_EVENTS MalDoc Retrieving Payload May 23 2017
(current_events.rules)
 2826490 - ETPRO CURRENT_EVENTS Successful Paypal Phish M1 May 23 2017
(current_events.rules)
 2826491 - ETPRO CURRENT_EVENTS Successful Paypal Phish M2 May 23 2017
(current_events.rules)


[///]     Modified active rules:     [///]


-- 
PGP: 0xBED7B297
<https://pgp.mit.edu/pks/lookup?op=get&search=0x6B68453CBED7B297>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20170523/e9c6bd46/attachment.html>


More information about the Emerging-updates mailing list