[Emerging-updates] Daily Ruleset Update Summary 2017/05/31

Travis Green tgreen at emergingthreats.net
Wed May 31 17:01:29 EDT 2017


[***]            Summary:            [***]

4 new Open, 16 new Pro (4 + 12). Jaff Updates, Various Phishing, Various Mobile.
Thanks: @esentire

[+++]          Added rules:          [+++]

Open:

 2024338 - ET TROJAN Jaff Ransomware Checkin (trojan.rules)
 2024339 - ET TROJAN DNS Query to Jaff Domain (orhangazitur . com) (trojan.rules)
 2024340 - ET TROJAN Jaff Ransomware Checkin (trojan.rules)
 2024341 - ET TROJAN DNS Query to Jaff Domain (comboratiogferrdto . com) (trojan.rules)

Pro:

 2826546 - ETPRO INFO Observed DNS Query for DDNS domain (camerakeeper .tv) (info.rules)
 2826547 - ETPRO TROJAN Observed Malicious Domain SSL Cert in SNI (MSIL/ExtenBro.CL) (trojan.rules)
 2826548 - ETPRO TROJAN Observed Malicious JS Downloader SSL Cert (trojan.rules)
 2826549 - ETPRO TROJAN MSIL/njRAT/Bladabindi Variant (Microsoft_key_update) CnC Checkin (trojan.rules)
 2826550 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ic Contact Exfil via SMTP 2 (mobile_malware.rules)
 2826551 - ETPRO CURRENT_EVENTS Successful Bank of America Phish M1 May 31 2017 (current_events.rules)
 2826552 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ar Reporting via SMTP 2 (mobile_malware.rules)
 2826553 - ETPRO CURRENT_EVENTS Successful Bank of America Phish M2 May 31 2017 (current_events.rules)
 2826554 - ETPRO CURRENT_EVENTS Successful Bank of America Phish M3 May 31 2017 (current_events.rules)
 2826555 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.hs Reporting via SMTP (mobile_malware.rules)
 2826556 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.eg Contact Exfil via SMTP 2 (mobile_malware.rules)
 2826557 - ETPRO CURRENT_EVENTS Dropbox Phishing Landing May 31 2017 (current_events.rules)


[///]     Modified active rules:     [///]

 2018543 - ET CURRENT_EVENTS Neverquest/Vawtrak Posting Data (current_events.rules)
 2022840 - ET TROJAN Possible CryptXXX Ransomware Renaming Encrypted File SMB v2 (trojan.rules)
 2826233 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.iz Contact Exfil via SMTP 2 (mobile_malware.rules)


-- 
PGP: 0xBED7B297
<https://pgp.mit.edu/pks/lookup?op=get&search=0x6B68453CBED7B297>