ET INFO DYNAMIC_DNS Query to a *.photo-cult .com Domain

Source: et/open
alert dns $HOME_NET any -> any any (msg: "ET INFO DYNAMIC_DNS Query to a *.photo-cult .com Domain"; dns.query; content: ".photo-cult.com"; fast_pattern; nocase; endswith; reference: url,freedns.afraid.org/domain/registry/page-2.html; classtype: bad-unknown; sid: 2048371; rev: 2; metadata: attack_target Client_and_Server, created_at 2023_10_02, deployment Perimeter, performance_impact Low, confidence High, signature_severity Informational, updated_at 2024_12_01, reviewed_at 2023_10_02, mitre_tactic_id TA0011, mitre_tactic_name Command_And_Control, mitre_technique_id T1568, mitre_technique_name Dynamic_Resolution;)
References | |
---|---|
URL | https://freedns.afraid.org/domain/registry/page-2.html |
Metadata | |
---|---|
attack_target | Client_and_Server |
created_at | 2023_10_02 |
deployment | Perimeter |
performance_impact | Low |
confidence | High |
signature_severity | Informational |
updated_at | 2024_12_01 |
reviewed_at | 2023_10_02 |
mitre_tactic_id | TA0011 |
mitre_tactic_name | Command_And_Control |
mitre_technique_id | T1568 |
mitre_technique_name | Dynamic_Resolution |