ET COINMINER Observed DNS Query to Monero Miner Related Domain (monerohash .com)

SID: 2048922Rev: 114 viewsHistory

Sourceet/open

CreatedOctober 27, 2023

UpdatedOctober 27, 2023

Classificationcoin-mining

alert dns $HOME_NET any -> any any (msg:"ET COINMINER Observed DNS Query to Monero Miner Related Domain (monerohash .com)"; dns.query; bsize:14; content:"monerohash.com"; nocase; reference:url,asec.ahnlab.com/en/54647/; classtype:coin-mining; sid:2048922; rev:1; metadata:attack_target Client_Endpoint, created_at 2023_10_27, deployment Perimeter, performance_impact Low, confidence High, signature_severity Informational, updated_at 2023_10_27, reviewed_at 2023_10_27; target:src_ip;)

References

url	asec.ahnlab.com/en/54647/

Metadata

attack targetClient_Endpoint

created at2023_10_27

deploymentPerimeter

performance impactLow

confidenceHigh

signature severityInformational

updated at2023_10_27

reviewed at2023_10_27

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!