[Emerging-updates] Daily Ruleset Update Summary 2018/06/19

Travis Green tgreen at emergingthreats.net
Tue Jun 19 11:42:30 HDT 2018


[***]            Summary:            [***]

1 new Open, 27 new Pro (1 + 26). Donut Ransomware, Various Phish, Various
Mobile.

Thanks: @AttackDetection


[+++]          Added rules:          [+++]

Open:

 2025595 - ET TROJAN [PTsecurity] Donut Ransomware CnC Checkin
(trojan.rules)

Pro:

 2831319 - ETPRO TROJAN Win32/Filecoder.NHN variant CnC Checkin
(trojan.rules)
 2831320 - ETPRO CURRENT_EVENTS Successful Adobe PDF Online Phish
2018-06-18 (current_events.rules)
 2831321 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish 2018-06-18
(current_events.rules)
 2831322 - ETPRO TROJAN Observed Malicious SSL Certificate (IcedID)
(trojan.rules)
 2831323 - ETPRO MALWARE Win32/StartPage/Dotdo.Adware variant CnC Checkin
(malware.rules)
 2831324 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL
2018-06-19) (current_events.rules)
 2831325 - ETPRO TROJAN MSIL/Ursa.Loader Requesting Obfuscated Payload M2
(trojan.rules)
 2831326 - ETPRO CURRENT_EVENTS MSIL/1mS0rry Miner Variant Download Request
(current_events.rules)
 2831327 - ETPRO MOBILE_MALWARE Android/TeleRAT Info Exfil via Telegram API
8 (mobile_malware.rules)
 2831328 - ETPRO MOBILE_MALWARE Android/TeleRAT Info Exfil via Telegram API
9 (mobile_malware.rules)
 2831329 - ETPRO MOBILE_MALWARE Android/Spy.Agent.DD SMS Exfil via SMTP
(mobile_malware.rules)
 2831330 - ETPRO MOBILE_MALWARE Android.Trojan.HiddenApp.gDHRB Reporting
Infection via SMTP (mobile_malware.rules)
 2831331 - ETPRO TROJAN Armageddon Stealer Exfil Via FTP (trojan.rules)
 2831332 - ETPRO CURRENT_EVENTS Successful Excel Online Phish 2018-06-19
(current_events.rules)
 2831333 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2018-06-19
(current_events.rules)
 2831334 - ETPRO CURRENT_EVENTS Successful Banco do Brasil Phish 2018-06-19
(current_events.rules)
 2831335 - ETPRO TROJAN W32.1ms0rry Variant Generic Checkin (trojan.rules)
 2831336 - ETPRO CURRENT_EVENTS Successful Netflix Phish 2018-06-19
(current_events.rules)
 2831337 - ETPRO CURRENT_EVENTS Successful Generic Phish - Observed in Bank
of America Phishing 2018-06-19 (current_events.rules)
 2831338 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2018-06-19 1) (trojan.rules)
 2831339 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2018-06-19 2) (trojan.rules)
 2831340 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2018-06-19 3) (trojan.rules)
 2831341 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2018-06-19 4) (trojan.rules)
 2831342 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2018-06-19 5) (trojan.rules)
 2831343 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2018-06-19 6) (trojan.rules)
 2831344 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2018-06-19 7) (trojan.rules)


[///]     Modified active rules:     [///]

 2831129 - ETPRO TROJAN MSIL/Ursa.Loader Requesting Obfuscated Payload
(trojan.rules)
 2831310 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2018-06-18 7) (trojan.rules)


-- 
PGP: 0xBED7B297
<https://pgp.mit.edu/pks/lookup?op=get&search=0x6B68453CBED7B297>