ET MALWARE Win32/Koi Loader/Stealer CnC Domain in DNS Lookup (podologie-werne .de)
Sourceet/open
CreatedDecember 21, 2023
UpdatedOctober 3, 2024
Classificationtrojan-activity
alert dns $HOME_NET any -> any any (msg:"ET MALWARE Win32/Koi Loader/Stealer CnC Domain in DNS Lookup (podologie-werne .de)"; dns.query; bsize:18; content:"podologie-werne.de"; nocase; reference:md5,09350493580399e2983148e80fd4490b; classtype:trojan-activity; sid:2049820; rev:2; metadata:affected_product Any, attack_target Client_Endpoint, created_at 2023_12_21, deployment Perimeter, malware_family Win32_Koi, performance_impact Low, confidence High, signature_severity Major, updated_at 2024_10_03, reviewed_at 2024_10_03;)
References
| md5 | 09350493580399e2983148e80fd4490b |
Metadata
affected productAny
attack targetClient_Endpoint
created at2023_12_21
deploymentPerimeter
malware familyWin32_Koi
performance impactLow
confidenceHigh
signature severityMajor
updated at2024_10_03
reviewed at2024_10_03
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!