Rule History

alert dns $HOME_NET any -> any any (msg:"ET EXPLOIT_KIT TA569 Keitaro TDS Domain in DNS Lookup (jqscr .com)"; dns.query; content:"jqscr.com"; nocase; bsize:9; reference:url,twitter.com/1ZRR4H/status/1637713807345582089; classtype:trojan-activity; sid:2044704; rev:3; metadata:affected_product Web_Browsers, attack_target Client_Endpoint, created_at 2023_03_20, deployment Perimeter, malware_family TA569, confidence High, signature_severity Minor, tag TDS, tag compromised_website, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2023_04_21, reviewed_at 2024_05_28;)