🐾 - 🚨 Outgoing connection ↗ 🎛 C2 Cobalt Strike / Metasploit 🔒 Rançongiciel CLOP - 👿 TA505
Sourcepawpatrules
CreatedJuly 1, 2020
UpdatedFebruary 15, 2021
Classificationtrojan-activity
alert ip any any -> 91.214.124.0/24 any (msg:"🐾 - 🚨 Outgoing connection ↗ 🎛 C2 Cobalt Strike / Metasploit 🔒 Rançongiciel CLOP - 👿 TA505"; reference:url,https://twitter.com/anthomsec/status/1208034102403903488; reference:url,https://twitter.com/AltShiftPrtScn/status/1228367708472913920; reference:url,https://twitter.com/AltShiftPrtScn/status/1184032851932659712; reference:url,https://twitter.com/ScumBots/status/1217818670497439745; reference:url,https://www.cert.ssi.gouv.fr/ioc/CERTFR-2021-IOC-001/; reference:url,https://malpedia.caad.fkie.fraunhofer.de/details/win.clop; reference:url,https://malpedia.caad.fkie.fraunhofer.de/actor/ta505; metadata:created_at 2020_07_01, updated_at 2021_02_15; sid:3315300; rev:2; classtype:trojan-activity;)
References
Metadata
created at2020_07_01
updated at2021_02_15
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!