ET MALWARE Linux/Dinodas RAT CnC Checkin - UDP - Suricata Rule 2051868 (et/open)

ET MALWARE Linux/Dinodas RAT CnC Checkin - UDP

SID: 2051868Rev: 1146 viewsHistory

Sourceet/open

CreatedMarch 29, 2024

UpdatedMarch 29, 2024

Classificationtrojan-activity

alert udp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Linux/Dinodas RAT CnC Checkin - UDP"; dsize:52; content:"|00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 04 00 00 00|"; offset:4; content:"|00 00 00 00 50 00 04 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00|"; fast_pattern; distance:6; within:28; reference:url,securelist.com/dinodasrat-linux-implant/112284/; reference:md5,8138f1af1dc51cde924aa2360f12d650; classtype:trojan-activity; sid:2051868; rev:1; metadata:affected_product Linux, attack_target Client_and_Server, tls_state plaintext, created_at 2024_03_29, deployment Perimeter, performance_impact Low, confidence High, signature_severity Major, updated_at 2024_03_29; target:src_ip;)

References

url	securelist.com/dinodasrat-linux-implant/112284/
md5	8138f1af1dc51cde924aa2360f12d650 Google Search Brave Search

Metadata

affected productLinux

attack targetClient_and_Server

tls stateplaintext

created at2024_03_29

deploymentPerimeter

performance impactLow

confidenceHigh

signature severityMajor

updated at2024_03_29

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!