Daily Ruleset Update Summary 2022/08/08

[***] Summary: [***]

8 new OPEN, 23 new PRO (8 + 15). SHARPEXT, DeimosC2, ELF/RapperBot, Others.

Thanks @Fortinet, @h2jazi

Please share issues, feedback, and requests at Feedback

[+++] Added rules: [+++]

Open:

2037955 - ET MALWARE SHARPEXT CnC Domain in DNS Lookup (gonamod .com) (malware.rules)
2037956 - ET MALWARE SHARPEXT CnC Domain in DNS Lookup (siekis .com) (malware.rules)
2037957 - ET MALWARE Lazarus APT Related Activity (GET) (malware.rules)
2037958 - ET JA3 HASH - DeimosC2 Agent Activity (set) (ja3.rules)
2037959 - ET JA3 HASH - DeimosC2 Agent Activity (ja3.rules)
2037960 - ET MALWARE Observed Malicious SSL Cert (Acme Co) (malware.rules)
2037961 - ET MALWARE ELF/RapperBot CnC Checkin M1 (malware.rules)
2037962 - ET MALWARE ELF/RapperBot CnC Checkin M2 (malware.rules)

Pro:

2852041 - ETPRO COINMINER CoinMiner Known Malicious Stratum Authline (2022-08-04 1) (coinminer.rules)
2852042 - ETPRO COINMINER CoinMiner Known Malicious Stratum Authline (2022-08-04 2) (coinminer.rules)
2852055 - ETPRO MALWARE Win32/Remcos RAT Checkin 823 (malware.rules)

[///] Modified active rules: [///]

2035374 - ET MALWARE Kimsuky APT BabyShark/SHARPEXT Related Domain in DNS Lookup (worldinfocontact .club) (malware.rules)

[---] Removed rules: [---]

2850007 - ETPRO MALWARE Observed Malicious SSL Cert (Acme Co) (malware.rules)