Ruleset Update Summary - 2023/07/12 - v10370

rulesbot · July 12, 2023, 8:49pm

Summary:

12 new OPEN, 13 new PRO (12 + 1)

2046806 - ET MALWARE Win32/RootTeam Stealer CnC Exfil M2 (malware.rules)
2046807 - ET MALWARE Win32/RootTeam Stealer CnC Response (malware.rules)
2046808 - ET INFO DNS Query to File Sharing Domain (drop .xtrafrancyz .net) (info.rules)
2046809 - ET HUNTING Upload to Links-Server File Sharing Server (hunting.rules)
2046810 - ET EXPLOIT Possible Storm-0978 CVE-2023-36884 Exploitation Attempt M1 (exploit.rules)
2046811 - ET EXPLOIT Possible Storm-0978 CVE-2023-36884 Exploitation Attempt M2 (exploit.rules)
2046812 - ET MALWARE Storm-0978 RomCom RAT CnC Checkin (malware.rules)
2046813 - ET MALWARE RomCom CnC Domain in DNS Lookup (finformservice .com) (malware.rules)
2046814 - ET MALWARE RomCom CnC Domain in DNS Lookup (penofach .com) (malware.rules)
2046815 - ET MALWARE RomCom CnC Domain in DNS Lookup (altimata .org) (malware.rules)
2046816 - ET MALWARE RomCom CnC Domain in DNS Lookup (bentaxworld .com) (malware.rules)
2046817 - ET PHISHING RomCom Phishing Domain in DNS Lookup (ukrainianworldcongress .info) (phishing.rules)

2854800 - ETPRO MALWARE Win32/WarHawk/Spyder Sending Windows System Information (POST) M3 (malware.rules)

Topic	Replies	Views
Ruleset Update Summary - 2023/12/27 - v10494 Ruleset Updates	278	December 27, 2023
Ruleset Update Summary - 2023/08/21 - v10399 Ruleset Updates	243	August 21, 2023
Ruleset Update Summary - 2023/12/18 - v10488 Ruleset Updates	296	December 18, 2023
Ruleset Update Summary - 2024/01/16 - v10507 Ruleset Updates	541	January 16, 2024
Ruleset Update Summary - 2023/06/27 - v10359 Ruleset Updates	204	June 27, 2023