Summary:
5 new OPEN, 6 new PRO (5 + 1)
Thanks @Jane_0sint, @SANGFOR
Added rules:
Open:
- 2044913 - ET EXPLOIT_KIT Balada Injector Script (exploit_kit.rules)
- 2046667 - ET MALWARE [ANY.RUN] StatusRecorder Stealer Sending System Information (malware.rules)
- 2046668 - ET INFO Ark Trader API Login (POST) (info.rules)
- 2046669 - ET MALWARE Win32/SPARK RAT CnC Checkin (GET) (malware.rules)
- 2046670 - ET MALWARE SocGholish Domain in DNS Lookup (sandwiches .tropipackfood .com) (malware.rules)
Pro:
- 2854672 - ETPRO MALWARE PowerShell/Pantera Variant CnC Checkin (GET) (malware.rules)
Removed rules:
- 2044913 - ET MALWARE Balada Injector Script (malware.rules)