ET MALWARE Win32/Ficker Stealer Activity M3
Sourceet/open
CreatedOctober 28, 2020
UpdatedOctober 28, 2020
Classificationtrojan-activity
alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Win32/Ficker Stealer Activity M3"; flow:established,to_server; dsize:8; content:"|0c 00 0f 0a 0b 0a 0b 0a|"; reference:url,twitter.com/malware_traffic/status/1321182175916679168; reference:md5,25cddcec88ee81aab4db84bbd19a64d6; reference:url,app.any.run/tasks/228c144e-90a0-4e8f-87d8-102bc04b0335/; classtype:trojan-activity; sid:2031132; rev:1; metadata:attack_target Client_Endpoint, created_at 2020_10_28, deployment Perimeter, malware_family Win32_Ficker, performance_impact Low, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_10_28;)
References
| url | twitter.com/malware_traffic/status/1321182175916679168 |
| md5 | 25cddcec88ee81aab4db84bbd19a64d6 |
| url | app.any.run/tasks/228c144e-90a0-4e8f-87d8-102bc04b0335/ |
Metadata
attack targetClient_Endpoint
created at2020_10_28
deploymentPerimeter
malware familyWin32_Ficker
performance impactLow
confidenceMedium
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2020_10_28
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!