Rule History

alert dns $HOME_NET any -> any any (msg:"ET MALWARE Ransomware Popcorn-Time .onion Payment Domain (3hnuhydu4pd247qb)"; dns_query; content:"3hnuhydu4pd247qb"; depth:16; fast_pattern; nocase; classtype:trojan-activity; sid:2023589; rev:3; metadata:attack_target Client_Endpoint, created_at 2016_12_08, deployment Perimeter, malware_family Ransomware, confidence High, signature_severity Major, tag Ransomware, updated_at 2019_08_30, mitre_tactic_id TA0040, mitre_tactic_name Impact, mitre_technique_id T1486, mitre_technique_name Data_Encrypted_for_Impact;)