🐾 - ☠ DNS request 🌐 🎛 Get2 C2 👿 TA505

SID: 3315034Rev: 10 views
Sourcepawpatrules
CreatedFebruary 15, 2021
UpdatedFebruary 15, 2021
Classificationtrojan-activity
alert dns any any -> any any (msg:"🐾 - ☠ DNS request 🌐 🎛 Get2 C2 👿 TA505"; flow:to_server, stateless; dns_query; content:"mainten-ferrum.com"; nocase; reference:url,https://www.cert.ssi.gouv.fr/ioc/CERTFR-2021-IOC-001/; reference:url,https://malpedia.caad.fkie.fraunhofer.de/actor/ta505; metadata:created_at 2021_02_15, updated_at 2021_02_15; sid:3315034; rev:1; classtype:trojan-activity;)

References

urlhttps://www.cert.ssi.gouv.fr/ioc/CERTFR-2021-IOC-001/
urlhttps://malpedia.caad.fkie.fraunhofer.de/actor/ta505

Metadata

created at2021_02_15
updated at2021_02_15

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!