THL FlaskC2-PostEx C2 Beacon POST to /api/report or /api/heartbeat

SID: 3500018Rev: 1Enabled2 views
History
Filehunters-ledger.rules
CreatedJuly 5, 2026
UpdatedJuly 5, 2026
Classificationtrojan-activity
alert http $HOME_NET any -> any any (msg:"THL FlaskC2-PostEx C2 Beacon POST to /api/report or /api/heartbeat"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"/api/report"; nocase; classtype:trojan-activity; reference:url,the-hunters-ledger.com/hunting-detections/flaskc2-postex-toolkit-67-215-232-25-detections/; sid:3500018; rev:1;)

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!