[Emerging-updates] Daily Ruleset Update Summary 2020/05/27

Jack Mott jmott at emergingthreats.net
Wed May 27 14:30:19 HDT 2020


[***]            Summary:            [***]

4 new OPEN, 22 new PRO (4 + 18). Socelars Stealer, COMRAT, Win32/Mansabo,
DAVINCI Implant CnC, VARIOUS Phish.

Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

  2030223 - ET TROJAN Observed Malicious SSL Cert (MalDoc DL 2020-05-27)
(trojan.rules)
  2030224 - ET TROJAN Socelars Stealer CnC Activity (trojan.rules)
  2030225 - ET INFO Suspicious Request for Terse Numeric .dat File
(info.rules)
  2030226 - ET TROJAN COMRAT CnC (trojan.rules)

Pro:

  2842731 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-05-27 1) (trojan.rules)
  2842732 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-05-27 2) (trojan.rules)
  2842733 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-05-27 3) (trojan.rules)
  2842734 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-05-27 4) (trojan.rules)
  2842735 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-05-27 5) (trojan.rules)
  2842736 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-05-27 6) (trojan.rules)
  2842737 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-05-27 7) (trojan.rules)
  2842738 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-05-27 8) (trojan.rules)
  2842739 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-05-27 9) (trojan.rules)
  2842740 - ETPRO CURRENT_EVENTS Successful Facebook Phish 2020-05-27
(current_events.rules)
  2842741 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2020-05-27 (current_events.rules)
  2842742 - ETPRO TROJAN Observed Malicious SSL Cert (Linux/WellMess.B
Variant) (trojan.rules)
  2842743 - ETPRO TROJAN Win32/Mansabo Variant Checkin Activity
(trojan.rules)
  2842744 - ETPRO MALWARE Win32/Unk Keylogger CnC Activity (malware.rules)
  2842745 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC)
(trojan.rules)
  2842746 - ETPRO TROJAN Observed Malicious SSL Cert (AZORult CnC)
(trojan.rules)
  2842747 - ETPRO TROJAN Observed IcedID CnC Domain in TLS SNI
(trojan.rules)
  2842748 - ETPRO TROJAN DAVINCI Implant CnC (trojan.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20200527/c50e3b56/attachment.html>


More information about the Emerging-updates mailing list