Ruleset Update Summary - 2023/07/27 - v10381

rulesbot · July 27, 2023, 10:20pm

Summary:

3 new OPEN, 4 new PRO (3 + 1)

Thanks Kevin Ross and @Jane_0sint

2046948 - ET MALWARE Pupy RAT Default TLS Proxy Certificate (malware.rules)
2046949 - ET MALWARE MalDoc/Gamaredon CnC Activity M4 (malware.rules)
2046950 - ET MALWARE [ANY.RUN] Hydrochasma Fast Reverse Proxy M3 (malware.rules)

2854942 - ETPRO MALWARE Win32/Raspberry Robin CnC Activity (GET) (malware.rules)

2025019 - ET MALWARE Possible NanoCore C2 60B (malware.rules)
2035211 - ET MALWARE Win32/QuasarRAT CnC Traffic (malware.rules)
2046726 - ET MALWARE [ANY.RUN] Hydrochasma Fast Reverse Proxy M1 (malware.rules)

2031252 - ET MALWARE Turla/Crutch CnC Domain in DNS Lookup (hotspot .accesscam .org) (malware.rules)
2031253 - ET MALWARE Turla/Crutch CnC Domain in DNS Lookup (highcolumn .webredirect .org) (malware.rules)
2031254 - ET MALWARE Turla/Crutch CnC Domain in DNS Lookup (ethdns .mywire .org) (malware.rules)
2031255 - ET MALWARE Turla/Crutch CnC Domain in DNS Lookup (theguardian .webredirect .org) (malware.rules)
2046761 - ET MALWARE Observed Turla/Crutch Domain (hotspot .accesscam .org in TLS SNI) (malware.rules)

Topic	Replies	Views
Ruleset Update Summary - 2023/12/27 - v10494 Ruleset Updates	279	December 27, 2023
Ruleset Update Summary - 2023/04/27 - v10309 Ruleset Updates	286	April 27, 2023
Ruleset Update Summary - 2023/07/17 - v10373 Ruleset Updates	265	July 17, 2023
Ruleset Update Summary - 2023/12/20 - v10490 Ruleset Updates	216	December 20, 2023
Ruleset Update Summary - 2023/04/11 - v10295 Ruleset Updates	275	April 11, 2023