Versions (2)
Version DetailsCurrent
Rev: 2 • Mar 29, 2024, 12:00 PMET MALWARE Dinodas RAT CnC Domain in DNS Lookup (update .centos-yum .com)
alert dns $HOME_NET any -> any any (msg:"ET MALWARE Dinodas RAT CnC Domain in DNS Lookup (update .centos-yum .com)"; dns.query; bsize:21; content:"update.centos-yum.com"; nocase; reference:url,securelist.com/dinodasrat-linux-implant/112284/; classtype:trojan-activity; sid:2051867; rev:2; metadata:affected_product Linux, attack_target Client_and_Server, created_at 2024_03_29, deployment Perimeter, deprecation_reason Duplicate, malware_family Dinodas_RAT, performance_impact Low, confidence High, signature_severity Major, tag Dinodas_RAT, updated_at 2024_06_11;)
Mar 29, 2024, 12:00 PM
Jun 11, 2024, 12:00 PM
Mar 29, 2024, 9:00 PM
Jun 11, 2024, 10:01 PM
rules/emerging-malware.rules