alert tcp $HOME_NET any -> $EXTERNAL_NET 8080 (msg:"ET TROJAN Possible Chimera Ransomware - Bitmessage Activity"; flow:established,to_server; content:"version"; offset:4; depth:7; content:"Bitmessage|3a|"; distance:0; reference:md5,b66a864255ad796cf1e82f973f67f556; reference:url,reaqta.com/2015/11/diving-into-chimera-ransomware/; classtype:policy-violation; sid:2022075; rev:1; metadata:attack_target Client_Endpoint, created_at 2015_11_12, deployment Perimeter, former_category MALWARE, signature_severity Major, tag Ransomware, updated_at 2015_11_12, mitre_tactic_id TA0040, mitre_tactic_name Impact, mitre_technique_id T1486, mitre_technique_name Data_Encrypted_for_Impact;)

Added 2021-10-04 19:24:42 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 8080 (msg:"ET TROJAN Possible Chimera Ransomware - Bitmessage Activity"; flow:established,to_server; content:"version"; offset:4; depth:7; content:"Bitmessage|3a|"; distance:0; reference:md5,b66a864255ad796cf1e82f973f67f556; reference:url,reaqta.com/2015/11/diving-into-chimera-ransomware/; classtype:policy-violation; sid:2022075; rev:1; metadata:created_at 2015_11_12, updated_at 2015_11_12;)

Added 2021-09-21 20:00:25 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 8080 (msg:"ET TROJAN Possible Chimera Ransomware - Bitmessage Activity"; flow:established,to_server; content:"version"; offset:4; depth:7; content:"Bitmessage|3a|"; distance:0; reference:md5,b66a864255ad796cf1e82f973f67f556; reference:url,reaqta.com/2015/11/diving-into-chimera-ransomware/; classtype:policy-violation; sid:2022075; rev:1; metadata:created_at 2015_11_11, updated_at 2015_11_11;)

Added 2018-09-13 19:51:56 UTC


Added 2018-09-13 18:00:31 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 8080 (msg:"ET TROJAN Possible Chimera Ransomware - Bitmessage Activity"; flow:established,to_server; content:"version"; offset:4; depth:7; content:"Bitmessage|3a|"; distance:0; reference:md5,b66a864255ad796cf1e82f973f67f556; reference:url,reaqta.com/2015/11/diving-into-chimera-ransomware/; classtype:policy-violation; sid:2022075; rev:1; metadata:created_at 2015_11_11, updated_at 2015_11_11;)

Added 2017-08-07 21:16:53 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 8080 (msg:"ET TROJAN Possible Chimera Ransomware - Bitmessage Activity"; flow:established,to_server; content:"version"; offset:4; depth:7; content:"Bitmessage|3a|"; distance:0; reference:md5,b66a864255ad796cf1e82f973f67f556; reference:url,reaqta.com/2015/11/diving-into-chimera-ransomware/; classtype:policy-violation; sid:2022075; rev:1;)

Added 2015-11-11 17:15:36 UTC


Topic revision: r1 - 2021-10-04 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats