ET MALWARE DNS Query to Lumma Stealer Domain (whispedwoodmoodsksl .shop)

SID: 2052787Rev: 11 views
History
Sourceet/open
CreatedMay 20, 2024
UpdatedMay 20, 2024
Classificationtrojan-activity
alert dns $HOME_NET any -> any any (msg:"ET MALWARE DNS Query to Lumma Stealer Domain (whispedwoodmoodsksl .shop)"; dns.query; dotprefix; content:".whispedwoodmoodsksl.shop"; nocase; endswith; reference:url,community.emergingthreats.net/t/lumma-stealer-domain/1651; classtype:trojan-activity; sid:2052787; rev:1; metadata:attack_target Client_Endpoint, tls_state plaintext, created_at 2024_05_20, deployment Perimeter, malware_family Lumma_Stealer, confidence High, signature_severity Major, updated_at 2024_05_20;)

References

urlcommunity.emergingthreats.net/t/lumma-stealer-domain/1651

Metadata

attack targetClient_Endpoint
tls stateplaintext
created at2024_05_20
deploymentPerimeter
malware familyLumma_Stealer
confidenceHigh
signature severityMajor
updated at2024_05_20

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!