Versions (3)
Version DetailsCurrent
Rev: 2 • Jan 5, 2017, 12:00 PMET MALWARE W32/Cerber.Ransomware CnC Checkin M4
alert udp $HOME_NET any -> $EXTERNAL_NET 6892 (msg:"ET MALWARE W32/Cerber.Ransomware CnC Checkin M4"; dsize:14; pcre:"/^[a-f0-9]{14}$/"; threshold:type both, track by_src, count 1, seconds 60; reference:md5,1f41be13d5d19e1a5c76b6d7256a8df4; reference:md5,6707e861e377409bd1037452c7c5fa74; classtype:command-and-control; sid:2023695; rev:2; metadata:attack_target Client_Endpoint, created_at 2017_01_05, deployment Perimeter, malware_family Cerber, confidence Medium, signature_severity Major, tag Ransomware, tag Ransomware_Cerber, updated_at 2019_07_26, mitre_tactic_id TA0040, mitre_tactic_name Impact, mitre_technique_id T1486, mitre_technique_name Data_Encrypted_for_Impact;)
Jan 5, 2017, 12:00 PM
Jul 26, 2019, 12:00 PM
Sep 21, 2024, 3:00 AM
May 30, 2025, 12:04 AM
rules/emerging-malware.rules