Versions (4)
Version DetailsCurrent
Rev: 7 • Jul 21, 2020, 12:00 PM🐾 - 🚨 Outgoing connection ↗ 🎛 possible ♞ Emotet C2
alert ip any any -> 81.214.253.80 any (msg:"🐾 - 🚨 Outgoing connection ↗ 🎛 possible ♞ Emotet C2"; reference: url,reference: url,https://twitter.com/abuse_ch/status/1284480150189543424; reference: url,https://feodotracker.abuse.ch/downloads/ipblocklist_recommended.txt; reference: url,https://malpedia.caad.fkie.fraunhofer.de/details/win.emotet; metadata:created_at 2020_07_21, updated_at 2022_03_19; sid:3306982; rev:7; classtype:trojan-activity;)
Jul 21, 2020, 12:00 PM
Mar 19, 2022, 12:00 PM
Apr 29, 2024, 10:00 PM
May 29, 2025, 11:12 PM
rules/PAW-PATRULES_EMOTET_IP.rules