THL EvilSoul-Engine Discord Webhook Exfiltration POST Secondary Sink (Maploot/Tinarox)

SID: 3500015Rev: 1Enabled2 views
History
Filehunters-ledger.rules
CreatedJuly 5, 2026
UpdatedJuly 5, 2026
Classificationtrojan-activity
alert http $HOME_NET any -> any any (msg:"THL EvilSoul-Engine Discord Webhook Exfiltration POST Secondary Sink (Maploot/Tinarox)"; flow:established,to_server; http.host; content:"discord.com"; nocase; http.uri; content:"/api/webhooks/1401355074235793458"; threshold:type limit,track by_src,count 1,seconds 3600; classtype:trojan-activity; sid:3500015; rev:1; metadata:author The_Hunters_Ledger, date 2026-07-03, reference https://the-hunters-ledger.com/hunting-detections/evilsoul-engine-stealer-maas-detections/;)

Metadata

authorThe_Hunters_Ledger
date2026-07-03
referencehttps://the-hunters-ledger.com/hunting-detections/evilsoul-engine-stealer-maas-detections/

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!