ET MALWARE Observed DNS Query to APT36 Domain (coadelhi .in)

SID: 2068040Rev: 10 viewsHistory

Sourceet/open

CreatedMarch 6, 2026

UpdatedMarch 6, 2026

Classificationtrojan-activity

alert dns $HOME_NET any -> any any (msg:"ET MALWARE Observed DNS Query to APT36 Domain (coadelhi .in)"; dns.query; dotprefix; content:".coadelhi.in"; nocase; endswith; reference:url,github.com/bitdefender/malware-ioc/blob/master/2026_03_05-apt36-iocs.csv; classtype:trojan-activity; sid:2068040; rev:1; metadata:attack_target Client_Endpoint, created_at 2026_03_06, deployment Perimeter, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, tag APT36, updated_at 2026_03_06;)

References

url	github.com/bitdefender/malware-ioc/blob/master/2026_03_05-apt36-iocs.csv

Metadata

attack targetClient_Endpoint

created at2026_03_06

deploymentPerimeter

confidenceHigh

signature severityMajor

tagAPT36

updated at2026_03_06

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!