🐾 - 🚨 Outgoing connection ↗ 🎛 C2 🐀 SOMBRAT - UNC2447

SID: 3321089Rev: 10 views
Sourcepawpatrules
CreatedMay 3, 2021
UpdatedMay 3, 2021
Classificationtrojan-activity
alert ip any any -> 218.1.98.253 any (msg:"🐾 - 🚨 Outgoing connection ↗ 🎛 C2 🐀 SOMBRAT - UNC2447"; reference:url,https://www.fireeye.com/blog/threat-research/2021/04/unc2447-sombrat-and-fivehands-ransomware-sophisticated-financial-threat.html; metadata:created_at 2021_05_03, updated_at 2021_05_03; sid:3321089; rev:1; classtype:trojan-activity;)

References

urlhttps://www.fireeye.com/blog/threat-research/2021/04/unc2447-sombrat-and-fivehands-ransomware-sophisticated-financial-threat.html

Metadata

created at2021_05_03
updated at2021_05_03

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!