🐾 - 🚨 DumpIt (Comae) - Memory Dump Started from Windows 🪟)

SID: 3301095Rev: 55 views
Sourcepawpatrules
CreatedDecember 4, 2023
UpdatedDecember 4, 2023
Classificationpolicy-violation
alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"🐾 - 🚨 DumpIt (Comae) - Memory Dump Started from Windows 🪟)"; flow:to_server, stateless; ja3.hash; content:"ce5f3254611a8c095a3d821d44539877"; fast_pattern; tls_sni; content:"comae.com"; endswith; nocase; reference:url,https://www.magnetforensics.com/fr/resources/magnet-dumpit-pour-windows/; metadata:created_at 2023_12_04, updated_at 2023_12_04; sid:3301095; rev:5; classtype:policy-violation;)

References

urlhttps://www.magnetforensics.com/fr/resources/magnet-dumpit-pour-windows/

Metadata

created at2023_12_04
updated at2023_12_04

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!