Rule History

alert dns $HOME_NET any -> any any (msg:"ET MALWARE Win32/Varenyky Spambot CnC in DNS Query"; dns.query; content:"entreprisecommande.icu"; nocase; endswith; reference:url,www.welivesecurity.com/2019/08/08/varenyky-spambot-campaigns-france/; classtype:command-and-control; sid:2027827; rev:3; metadata:affected_product Web_Browsers, attack_target Client_Endpoint, created_at 2019_08_08, deployment Perimeter, malware_family Win32_Varenyky, confidence High, signature_severity Major, updated_at 2020_09_17;)