ET MALWARE ELF/Freakout IRC Checkin

SID: 2031534Rev: 10 views
History
Sourceet/open
CreatedJanuary 20, 2021
UpdatedJanuary 20, 2021
Classificationcommand-and-control
alert tcp $HOME_NET any -> $EXTERNAL_NET 1024: (msg:"ET MALWARE ELF/Freakout IRC Checkin"; flow:established,to_server; content:"NICK|20|[HAX|7c|"; depth:10; reference:url,research.checkpoint.com/2021/freakout-leveraging-newest-vulnerabilities-for-creating-a-botnet/; classtype:command-and-control; sid:2031534; rev:1; metadata:affected_product Linux, attack_target Client_Endpoint, created_at 2021_01_20, deployment Perimeter, malware_family ELF_Freakout, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2021_01_20;)

References

urlresearch.checkpoint.com/2021/freakout-leveraging-newest-vulnerabilities-for-creating-a-botnet/

Metadata

affected productLinux
attack targetClient_Endpoint
created at2021_01_20
deploymentPerimeter
malware familyELF_Freakout
confidenceHigh
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2021_01_20

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!