ET MALWARE Lucifer CnC Checkin

SID: 2030445Rev: 10 views
History
Sourceet/open
CreatedJuly 2, 2020
UpdatedJuly 2, 2020
Classificationcommand-and-control
alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Lucifer CnC Checkin"; flow:established,to_server; content:"INTOGC"; offset:105; depth:6; fast_pattern; content:"ID"; distance:6; within:2; reference:url,unit42.paloaltonetworks.com/lucifer-new-cryptojacking-and-ddos-hybrid-malware; reference:md5,92c3cfee6768ed284310313aa17e0d26; classtype:command-and-control; sid:2030445; rev:1; metadata:attack_target Client_Endpoint, created_at 2020_07_02, deployment Perimeter, performance_impact Low, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_07_02;)

References

urlunit42.paloaltonetworks.com/lucifer-new-cryptojacking-and-ddos-hybrid-malware
md5
92c3cfee6768ed284310313aa17e0d26
Google SearchBrave Search

Metadata

attack targetClient_Endpoint
created at2020_07_02
deploymentPerimeter
performance impactLow
confidenceHigh
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2020_07_02

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!