REMOTE [PTsecurity] Crimson (APT TransparentTribe)

SID: 10011664Rev: 228 views
History
Sourceptrules/open
CreatedOctober 9, 2025
UpdatedOctober 9, 2025
Classificationtrojan-activity
alert tcp any any -> any any (msg:"REMOTE [PTsecurity] Crimson (APT TransparentTribe)"; flow:established, to_server; stream_size:server, <, 30; stream_size:server, >, 15; stream_size:client, <, 200; content:"|00 00 00 00|iny"; offset:1; depth:7; fast_pattern; content:"|3d|"; distance:3; content:"|00 00 00 7c|"; distance:3; content:"|7c|"; distance:3; content:"|7c|"; distance:0; content:"|7c|"; distance:0; content:"|7c|"; distance:0; reference:url, https://www.virustotal.com/gui/file/e87978f0af9bb550ab4686a7d3657e6cbfd92347744dfce8ff2321781ac2eee0/detection; reference:url, rules.ptsecurity.com; classtype:trojan-activity; sid:10011664; rev:2;)

References

urlhttps://www.virustotal.com/gui/file/e87978f0af9bb550ab4686a7d3657e6cbfd92347744dfce8ff2321781ac2eee0/detection
urlrules.ptsecurity.com

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!