ET MALWARE CloudAtlas Related Domain in DNS Lookup (protocol-list .com)

SID: 2039773
Rev: 2
Source: et/open
Created: November 14, 2022
Updated: March 29, 2023
Classification: domain-c2
alert dns $HOME_NET any -> any any (msg:"ET MALWARE CloudAtlas Related Domain in DNS Lookup (protocol-list .com)"; dns.query; content:"protocol-list.com"; nocase; bsize:17; reference:url,twitter.com/h2jazi/status/1592158351475240962; reference:md5,ae828e3c03cc1aaedc43bb391e8b47ed; reference:md5,c7a1dd829b03b47c6038afa870b2f965; reference:md5,89d40dd2db9c2cfd6a03b20b307dcdec; reference:md5,c2064c7f4826c46bc609c472597366fd; classtype:domain-c2; sid:2039773; rev:2; metadata:attack_target Client_Endpoint, created_at 2022_11_14, deployment Perimeter, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2023_03_29;)

References

url: twitter.com/h2jazi/status/1592158351475240962
md5: ae828e3c03cc1aaedc43bb391e8b47ed
md5: c7a1dd829b03b47c6038afa870b2f965
md5: 89d40dd2db9c2cfd6a03b20b307dcdec
md5: c2064c7f4826c46bc609c472597366fd

Metadata

attack target: Client_Endpoint
created at: 2022_11_14
deployment: Perimeter
confidence: High
signature severity: Major
tag: Description_Generated_By_Proofpoint_Nexus
updated at: 2023_03_29
