🐾 - 🚨 RedLine Stealer 💀 communication to C2 - Leak 🚱

SID: 3301090
Rev: 2
Source: pawpatrules
Created: November 18, 2023
Updated: July 14, 2024
Classification: trojan-activity
alert tcp any any -> $EXTERNAL_NET any (msg:"🐾 - 🚨 RedLine Stealer 💀 communication to C2 - Leak 🚱"; flow:to_server, stateless; content:"|24 68 74 74 70 3a 2f 2f 74 65 6d 70 75 72 69 2e 6f 72 67 2f|"; reference:url,https://malpedia.caad.fkie.fraunhofer.de/details/win.redline_stealer; reference:url,https://twitter.com/Jane_0sint/status/1663543454092386307?s=20; reference:url,https://www.bitdefender.com/files/News/CaseStudies/study/415/Bitdefender-PR-Whitepaper-RedLine-creat6109-en-EN.pdf; target:src_ip; metadata:affected_product Windows_XP_Vista_7_8_10_11_Server_32_64_Bit, attack_target Client_Endpoint, created_at 2023_11_18, updated_at 2024_07_14; sid:3301090; rev:2; classtype:trojan-activity;)

Metadata

affected product: Windows_XP_Vista_7_8_10_11_Server_32_64_Bit
attack target: Client_Endpoint
created at: 2023_11_18
updated at: 2024_07_14
