ET MALWARE W32/Cerber.Ransomware CnC Checkin M4

SID: 2023695Rev: 20 viewsHistory

Sourceet/open

CreatedJanuary 5, 2017

UpdatedJuly 26, 2019

Classificationcommand-and-control

alert udp $HOME_NET any -> $EXTERNAL_NET 6892 (msg:"ET MALWARE W32/Cerber.Ransomware CnC Checkin M4"; dsize:14; pcre:"/^[a-f0-9]{14}$/"; threshold:type both, track by_src, count 1, seconds 60; reference:md5,1f41be13d5d19e1a5c76b6d7256a8df4; reference:md5,6707e861e377409bd1037452c7c5fa74; classtype:command-and-control; sid:2023695; rev:2; metadata:attack_target Client_Endpoint, created_at 2017_01_05, deployment Perimeter, malware_family Cerber, confidence Medium, signature_severity Major, tag Ransomware, tag Ransomware_Cerber, updated_at 2019_07_26, mitre_tactic_id TA0040, mitre_tactic_name Impact, mitre_technique_id T1486, mitre_technique_name Data_Encrypted_for_Impact;)

References

md5	1f41be13d5d19e1a5c76b6d7256a8df4 Google Search Brave Search
md5	6707e861e377409bd1037452c7c5fa74 Google Search Brave Search

Metadata

attack targetClient_Endpoint

created at2017_01_05

deploymentPerimeter

malware familyCerber

confidenceMedium

signature severityMajor

tagRansomware_Cerber

updated at2019_07_26

mitre tactic idTA0040

mitre tactic nameImpact

mitre technique idT1486

mitre technique nameData_Encrypted_for_Impact

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!