[Emerging-updates] Daily Ruleset Update Summary 2019/07/22
Jack Mott
jmott at emergingthreats.net
Mon Jul 22 14:04:17 HDT 2019
[***] Summary: [***]
5 new Open, 24 new Pro (5 + 19). Webshells, Win32/Azden.A, Various Phishing.
[+++] Added rules: [+++]
Open:
2027736 - ET EXPLOIT Possible WebShell GIF Upload (exploit.rules)
2027737 - ET EXPLOIT Possible WebShell JPEG Upload (exploit.rules)
2027738 - ET TROJAN Possible Outbound WebShell GIF (trojan.rules)
2027739 - ET TROJAN Possible Outbound WebShell JPEG (trojan.rules)
2027740 - ET TROJAN Observed Malicious SSL Cert (Ursnif CnC) (trojan.rules)
Pro:
2837615 - ETPRO MOBILE_MALWARE Android Trilomap Checkin (mobile_malware.rules)
2837616 - ETPRO POLICY OpenSSL Suspicious Demo Cert (CN=www .mydom .com) (policy.rules)
2837617 - ETPRO TROJAN Likely Hostile DNS Query for Hex Encoded IP Address as Domain Name (trojan.rules)
2837618 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-22 1) (trojan.rules)
2837619 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-22 2) (trojan.rules)
2837620 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-22 3) (trojan.rules)
2837621 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-22 5) (trojan.rules)
2837622 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-22 6) (trojan.rules)
2837623 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-22 7) (trojan.rules)
2837624 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-22 4) (trojan.rules)
2837625 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-22 8) (trojan.rules)
2837626 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-07-22 (current_events.rules)
2837627 - ETPRO CURRENT_EVENTS Successful Standard Bank Phish 2019-07-22 (current_events.rules)
2837628 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-07-22 (current_events.rules)
2837629 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-07-22 (current_events.rules)
2837630 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-07-22 (current_events.rules)
2837631 - ETPRO TROJAN Win32/Azden.A CnC Checkin (trojan.rules)
2837632 - ETPRO USER_AGENTS Win32/MegaSearch Adware Related UA (user_agents.rules)
2837633 - ETPRO MALWARE Win32/MegaSearch Adware Checkin (malware.rules)
[///] Modified active rules: [///]
2808874 - ETPRO TROJAN Trojan.Win32.Kilva Checkin (trojan.rules)
2810991 - ETPRO TROJAN SEDNIT CnC Beacon 1 (trojan.rules)
[---] Disabled rules: [---]
2827580 - ETPRO TROJAN W32/Emotet.v4 Checkin 2 (trojan.rules)
2828008 - ETPRO TROJAN W32/Emotet.v4 Checkin 3 (trojan.rules)