ET MALWARE RedControle Probing Infected System

SID: 2026723Rev: 10 views
History
Sourceet/open
CreatedDecember 13, 2018
UpdatedJuly 26, 2019
Classificationtrojan-activity
alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET MALWARE RedControle Probing Infected System"; flow:established,to_server; dsize:14; content:"SE_ND_CO_NN_EC"; fast_pattern; reference:url,threatvector.cylance.com/en_us/home/poking-the-bear-three-year-campaign-targets-russian-critical-infrastructure.html; reference:md5,855b937f668ecd90b8be004fd3c24717; classtype:trojan-activity; sid:2026723; rev:1; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, created_at 2018_12_13, deployment Perimeter, malware_family RedControle, performance_impact Low, confidence High, signature_severity Major, updated_at 2019_07_26;)

References

urlthreatvector.cylance.com/en_us/home/poking-the-bear-three-year-campaign-targets-russian-critical-infrastructure.html
md5
855b937f668ecd90b8be004fd3c24717
Google SearchBrave Search

Metadata

affected productWindows_XP_Vista_7_8_10_Server_32_64_Bit
attack targetClient_Endpoint
created at2018_12_13
deploymentPerimeter
malware familyRedControle
performance impactLow
confidenceHigh
signature severityMajor
updated at2019_07_26

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!