ET MALWARE Suspected Bitter APT Related Activity

SID: 2039800
Rev: 1
Source: et/open
Created: November 16, 2022
Updated: November 16, 2022
Classification: trojan-activity

alert tcp-pkt $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Suspected Bitter APT Related Activity"; flow:established,to_server; dsize:<200; content:"|00 ca 0a 62|"; offset:1; depth:4; fast_pattern; content:"|ca fa ca ca ca|"; endswith; reference:url,twitter.com/ThreatBookLabs/status/1592809339869593601; reference:md5,ef099d5fe4075132bf3812c9d5ffa8f9; reference:md5,a9ed771d128a6ccf67097b6ecd136885; reference:md5,06a7eccd74a6aa5aa12755cd48829f90; classtype:trojan-activity; sid:2039800; rev:1; metadata:attack_target Client_Endpoint, created_at 2022_11_16, deployment Perimeter, malware_family Bitter, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2022_11_16;)

References

url: twitter.com/ThreatBookLabs/status/1592809339869593601
md5: ef099d5fe4075132bf3812c9d5ffa8f9
md5: a9ed771d128a6ccf67097b6ecd136885
md5: 06a7eccd74a6aa5aa12755cd48829f90

Metadata

attack target: Client_Endpoint
created at: 2022_11_16
deployment: Perimeter
malware family: Bitter
confidence: Medium
signature severity: Major
tag: Description_Generated_By_Proofpoint_Nexus
updated at: 2022_11_16
