[Emerging-updates] Daily Ruleset Update Summary 2018/11/23

James Emery-Callcott jcallcott at emergingthreats.net
Fri Nov 23 07:10:39 HST 2018


 [***]            Summary:            [***]

 7 new Pro. Phorpiex Spam Activity, VBS/Qbot.Downloader, Invoke Obfuscated
PowerShell.

 [+++]          Added rules:          [+++]

  2833613 - ETPRO CURRENT_EVENTS Invoke Obfuscated PowerShell Inbound
2018-11-23 (current_events.rules)
  2833614 - ETPRO TROJAN Win32/Phorpiex Geographical Location Lookup
(trojan.rules)
  2833615 - ETPRO TROJAN Win32/Phorpiex JS Spam Payload Inbound
(trojan.rules)
  2833616 - ETPRO TROJAN Win32/Phorpiex Template 1 Active - Outbound Email
Spam (trojan.rules)
  2833617 - ETPRO TROJAN Win32/Phorpiex Template 2 Active - Outbound Email
Spam (trojan.rules)
  2833618 - ETPRO TROJAN VBS/Qbot.Downloader CnC Checkin (trojan.rules)
  2833619 - ETPRO TROJAN VBS/Qbot.Downloader Requesting Payload
(trojan.rules)

 [///]     Modified active rules:     [///]

  N/A

---------------------------------------

James Emery-Callcott
Security Researcher | ProofPoint Inc | Emerging Threats Team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20181123/173b604e/attachment.html>


More information about the Emerging-updates mailing list