ET MALWARE OSX Backdoor Quimitchin DNS Lookup

SID: 2023763Rev: 50 views
History
Sourceet/open
CreatedJanuary 24, 2017
UpdatedSeptember 17, 2020
Classificationtrojan-activity
alert dns $HOME_NET any -> any any (msg:"ET MALWARE OSX Backdoor Quimitchin DNS Lookup"; dns.query; content:"eidk.hopto.org"; depth:14; nocase; endswith; fast_pattern; reference:url,blog.malwarebytes.com/threat-analysis/2017/01/new-mac-backdoor-using-antiquated-code/; reference:md5,e4744b9f927dc8048a19dca15590660c; classtype:trojan-activity; sid:2023763; rev:5; metadata:affected_product Mac_OSX, attack_target Client_Endpoint, created_at 2017_01_24, deployment Perimeter, malware_family Quimitchin, performance_impact Low, confidence Medium, signature_severity Major, updated_at 2020_09_17;)

References

urlblog.malwarebytes.com/threat-analysis/2017/01/new-mac-backdoor-using-antiquated-code/
md5
e4744b9f927dc8048a19dca15590660c
Google SearchBrave Search

Metadata

affected productMac_OSX
attack targetClient_Endpoint
created at2017_01_24
deploymentPerimeter
malware familyQuimitchin
performance impactLow
confidenceMedium
signature severityMajor
updated at2020_09_17

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!