🐾 - 🚨 Outgoing connection ↗ possible DLL downloading 🔒 Egregor ransomware

SID: 3306801Rev: 10 views
Sourcepawpatrules
CreatedDecember 24, 2020
UpdatedDecember 24, 2020
Classificationtrojan-activity
alert ip any any -> 185.238.0.233 any (msg:"🐾 - 🚨 Outgoing connection ↗ possible DLL downloading 🔒 Egregor ransomware"; reference:url,https://www.cert.ssi.gouv.fr/ioc/CERTFR-2020-IOC-006/; reference:url,https://www.cert.ssi.gouv.fr/cti/CERTFR-2020-CTI-012/; reference:url,https://digital.nhs.uk/cyber-alerts/2020/cc-3681; reference:url,https://www.intrinsec.com/egregor-prolock/; metadata:created_at 2020_12_24, updated_at 2020_12_24; sid:3306801; rev:1; classtype:trojan-activity;)

References

urlhttps://www.cert.ssi.gouv.fr/ioc/CERTFR-2020-IOC-006/
urlhttps://www.cert.ssi.gouv.fr/cti/CERTFR-2020-CTI-012/
urlhttps://digital.nhs.uk/cyber-alerts/2020/cc-3681
urlhttps://www.intrinsec.com/egregor-prolock/

Metadata

created at2020_12_24
updated at2020_12_24

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!