Versions (3)
Version DetailsCurrent
Rev: 1 • Jun 22, 2023, 12:00 PMET MALWARE Possible DarkFinger Payload Retrieval Attempt - nc10
alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Possible DarkFinger Payload Retrieval Attempt - nc10"; flow:established,to_server; dsize:<7; content:"nc10"; reference:url,github.com/hyp3rlinx/DarkFinger-C2/; classtype:trojan-activity; sid:2046622; rev:1; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_and_Server, created_at 2023_06_22, deployment Perimeter, malware_family DarkFinger, performance_impact Low, confidence Low, signature_severity Major, updated_at 2023_06_22; target:src_ip;)
Jun 22, 2023, 12:00 PM
Jun 22, 2023, 12:00 PM
Jun 22, 2023, 10:00 PM
Jun 22, 2023, 10:00 PM
rules/emerging-malware.rules