Ruleset Update Summary - 2023/06/27 - v10359

Summary:

5 new OPEN, 6 new PRO (5 + 1)

Thanks @Jane_0sint, @SANGFOR


Added rules:

Open:

  • 2044913 - ET EXPLOIT_KIT Balada Injector Script (exploit_kit.rules)
  • 2046667 - ET MALWARE [ANY.RUN] StatusRecorder Stealer Sending System Information (malware.rules)
  • 2046668 - ET INFO Ark Trader API Login (POST) (info.rules)
  • 2046669 - ET MALWARE Win32/SPARK RAT CnC Checkin (GET) (malware.rules)
  • 2046670 - ET MALWARE SocGholish Domain in DNS Lookup (sandwiches .tropipackfood .com) (malware.rules)

Pro:

  • 2854672 - ETPRO MALWARE PowerShell/Pantera Variant CnC Checkin (GET) (malware.rules)

Removed rules:

  • 2044913 - ET MALWARE Balada Injector Script (malware.rules)