THL EvilSoul-Engine Discord Webhook Exfiltration POST Secondary Sink (Maploot/Tinarox)
Sourcehunters-ledger
Filehunters-ledger.rules
CreatedJuly 5, 2026
UpdatedJuly 5, 2026
Classificationtrojan-activity
alert http $HOME_NET any -> any any (msg:"THL EvilSoul-Engine Discord Webhook Exfiltration POST Secondary Sink (Maploot/Tinarox)"; flow:established,to_server ; http.host; content:"discord.com"; nocase; http.uri; content:"/api/webhooks/1401355074235793458"; threshold:type limit,track by_src,count 1,seconds 3600 ; classtype:trojan-activity; sid:3500015; rev:1; metadata:author The_Hunters_Ledger, date 2026-07-03, reference https://the-hunters-ledger.com/hunting-detections/evilsoul-engine-stealer-maas-detections/ ;)
Metadata
authorThe_Hunters_Ledger
date2026-07-03
referencehttps://the-hunters-ledger.com/hunting-detections/evilsoul-engine-stealer-maas-detections/
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!