Summary:
6 new OPEN, 7 new PRO (6 + 1)
Added rules:
Open:
- 2057897 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .studio .lacrenshawcrossing .com) (malware.rules)
- 2057898 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .studio .lacrenshawcrossing .com) (malware.rules)
- 2057899 - ET INFO DYNAMIC_DNS Query to a *.extremelyorange .com domain (info.rules)
- 2057900 - ET INFO DYNAMIC_DNS HTTP Request to a *.extremelyorange .com domain (info.rules)
- 2057901 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (teentyinch .fun) (malware.rules)
- 2057902 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (teentyinch .fun in TLS SNI) (malware.rules)
Pro:
- 2859208 - ETPRO MALWARE Win32/zgRAT CnC Checkin (malware.rules)