🐾 - 🚨 Outgoing connection ↗ 🎛 C2 - UNC1878 - 🔒 Rançongiciel Conti - C2 IceID - Suricata Rule 3317102 (pawpatrules)

🐾 - 🚨 Outgoing connection ↗ 🎛 C2 - UNC1878 - 🔒 Rançongiciel Conti - C2 IceID

SID: 3317102Rev: 10 views

Sourcepawpatrules

CreatedMay 14, 2021

UpdatedMay 14, 2021

Classificationtrojan-activity

alert ip any any -> 68.183.20.194 any (msg:"🐾 - 🚨 Outgoing connection ↗ 🎛 C2 - UNC1878 - 🔒 Rançongiciel Conti - C2 IceID"; reference:url,https://thedfirreport.com/2021/05/12/conti-ransomware/; reference:url,https://malpedia.caad.fkie.fraunhofer.de/details/win.conti; reference:url,https://malpedia.caad.fkie.fraunhofer.de/actor/unc1878; metadata:created_at 2021_05_14, updated_at 2021_05_14; sid:3317102; rev:1; classtype:trojan-activity;)

References

url	https://thedfirreport.com/2021/05/12/conti-ransomware/
url	https://malpedia.caad.fkie.fraunhofer.de/details/win.conti
url	https://malpedia.caad.fkie.fraunhofer.de/actor/unc1878

🐾 - 🚨 Outgoing connection ↗ 🎛 C2 - UNC1878 - 🔒 Rançongiciel Conti - C2 IceID

References

Metadata

Comments (0)