🐾 - ☠ DNS Request 🌐 > 🏴‍☠️ TA551 Group / GOLD CABIN / Shakthak - Domain

SID: 3315773Rev: 20 views
Sourcepawpatrules
CreatedAugust 25, 2021
UpdatedOctober 1, 2021
Classificationtrojan-activity
alert dns any any -> any any (msg:"🐾 - ☠ DNS Request 🌐 > 🏴‍☠️ TA551 Group / GOLD CABIN / Shakthak - Domain"; flow:to_server, stateless; dns_query; content:"turtleoil1998b.com"; nocase; reference:url,https://github.com/hpthreatresearch/iocs/blob/main/TA551/domains.txt; reference:url,https://threatresearch.ext.hp.com/detecting-ta551-domains/; reference:url,https://malpedia.caad.fkie.fraunhofer.de/actor/gold_cabin; metadata:created_at 2021_08_25, updated_at 2021_10_01; sid:3315773; rev:2; classtype:trojan-activity;)

References

urlhttps://github.com/hpthreatresearch/iocs/blob/main/TA551/domains.txt
urlhttps://threatresearch.ext.hp.com/detecting-ta551-domains/
urlhttps://malpedia.caad.fkie.fraunhofer.de/actor/gold_cabin

Metadata

created at2021_08_25
updated at2021_10_01

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!