# ET sid 2023453 rev 5: flags a short outbound UDP datagram that the msg attributes to a Cerber ransomware check-in.
# Header: UDP from $HOME_NET to $EXTERNAL_NET on any port, so coverage depends on both variables being set correctly for the sensor.
# dsize:<11 keeps only payloads under 11 bytes; content:"hi" with depth:2 requires "hi" as the first two bytes.
# The /R pcre starts right after that match and requires 7 or more lowercase hex characters up to the end of the payload (at most 8 fit under the dsize bound).
# threshold type both, track by_src, count 1, seconds 60: at most one alert per source address per 60 seconds, so alert counts do not reflect datagram volume.
# The pattern is short and port-agnostic; treat a hit as a lead and corroborate it with host evidence before declaring an infection.
# reference:md5 presumably identifies the sample the rule was written against (confirm). The metadata tags, including MITRE ATT&CK TA0040 / T1486, are descriptive and take no part in matching.
alert udp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Ransomware/Cerber Checkin 2"; dsize:<11; content:"hi"; depth:2; fast_pattern; pcre:"/^[a-f0-9]{7,}$/R"; threshold: type both, track by_src, count 1, seconds 60; reference:md5,ac4d7fb5739862e9914556ed5d50f84f; classtype:trojan-activity; sid:2023453; rev:5; metadata:attack_target Client_Endpoint, created_at 2016_03_28, deployment Perimeter, former_category MALWARE, signature_severity Major, tag Ransomware, updated_at 2016_10_27, mitre_tactic_id TA0040, mitre_tactic_name Impact, mitre_technique_id T1486, mitre_technique_name Data_Encrypted_for_Impact;)

Added 2021-10-04 19:24:48 UTC


# ET sid 2023453 rev 5 as published with metadata limited to created_at, former_category and updated_at.
# Matches outbound UDP ($HOME_NET -> $EXTERNAL_NET, any port) whose payload is under 11 bytes, begins with "hi", and continues with 7 or more lowercase hex characters to the end of the payload.
# threshold type both with count 1 / seconds 60 / track by_src limits output to one alert per source per 60 seconds.
# The metadata keyword is descriptive and takes no part in matching.
alert udp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Ransomware/Cerber Checkin 2"; dsize:<11; content:"hi"; depth:2; fast_pattern; pcre:"/^[a-f0-9]{7,}$/R"; threshold: type both, track by_src, count 1, seconds 60; reference:md5,ac4d7fb5739862e9914556ed5d50f84f; classtype:trojan-activity; sid:2023453; rev:5; metadata:created_at 2016_03_28, former_category MALWARE, updated_at 2016_10_27;)

Added 2020-08-05 19:12:47 UTC


# ET sid 2023453 rev 5; this copy carries two separate metadata keywords (former_category, then created_at/updated_at).
# Matches outbound UDP ($HOME_NET -> $EXTERNAL_NET, any port) whose payload is under 11 bytes, begins with "hi", and continues with 7 or more lowercase hex characters to the end of the payload.
# threshold type both with count 1 / seconds 60 / track by_src limits output to one alert per source per 60 seconds.
# NOTE(review): tooling that reads only one metadata keyword per rule may miss one of the two sets here; verify against your rule parser.
alert udp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Ransomware/Cerber Checkin 2"; dsize:<11; content:"hi"; depth:2; fast_pattern; pcre:"/^[a-f0-9]{7,}$/R"; threshold: type both, track by_src, count 1, seconds 60; metadata: former_category MALWARE; reference:md5,ac4d7fb5739862e9914556ed5d50f84f; classtype:trojan-activity; sid:2023453; rev:5; metadata:created_at 2016_03_28, updated_at 2016_10_27;)

Added 2019-09-26 19:58:16 UTC


# ET sid 2023453 rev 5 with metadata limited to created_at and updated_at.
# Matches outbound UDP ($HOME_NET -> $EXTERNAL_NET, any port) whose payload is under 11 bytes, begins with "hi", and continues with 7 or more lowercase hex characters to the end of the payload.
# threshold type both with count 1 / seconds 60 / track by_src limits output to one alert per source per 60 seconds.
alert udp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Ransomware/Cerber Checkin 2"; dsize:<11; content:"hi"; depth:2; fast_pattern; pcre:"/^[a-f0-9]{7,}$/R"; threshold: type both, track by_src, count 1, seconds 60; reference:md5,ac4d7fb5739862e9914556ed5d50f84f; classtype:trojan-activity; sid:2023453; rev:5; metadata:created_at 2016_03_28, updated_at 2016_10_27;)

Added 2018-09-13 19:53:08 UTC


Added 2018-09-13 18:01:14 UTC


# ET sid 2023453 rev 5 with metadata limited to created_at and updated_at.
# Detection logic: outbound UDP on any port, payload shorter than 11 bytes, "hi" in the first two bytes, then a relative pcre requiring only lowercase hex (7 or more characters) up to the end of the payload.
# Alerts are rate-limited by the threshold keyword to one per source address per 60 seconds.
alert udp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Ransomware/Cerber Checkin 2"; dsize:<11; content:"hi"; depth:2; fast_pattern; pcre:"/^[a-f0-9]{7,}$/R"; threshold: type both, track by_src, count 1, seconds 60; reference:md5,ac4d7fb5739862e9914556ed5d50f84f; classtype:trojan-activity; sid:2023453; rev:5; metadata:created_at 2016_03_28, updated_at 2016_10_27;)

Added 2017-08-07 21:18:35 UTC


# ET sid 2023453 rev 5 without any metadata keyword.
# Detection logic: outbound UDP on any port, payload shorter than 11 bytes, "hi" in the first two bytes, then a relative pcre requiring only lowercase hex (7 or more characters) up to the end of the payload.
# Alerts are rate-limited by the threshold keyword to one per source address per 60 seconds.
alert udp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Ransomware/Cerber Checkin 2"; dsize:<11; content:"hi"; depth:2; fast_pattern; pcre:"/^[a-f0-9]{7,}$/R"; threshold: type both, track by_src, count 1, seconds 60; reference:md5,ac4d7fb5739862e9914556ed5d50f84f; classtype:trojan-activity; sid:2023453; rev:5;)

Added 2016-10-27 18:22:35 UTC


# ET sid 2023453 rev 5 without any metadata keyword (the earliest copy listed on this page).
# Detection logic: outbound UDP on any port, payload shorter than 11 bytes, "hi" in the first two bytes, then a relative pcre requiring only lowercase hex (7 or more characters) up to the end of the payload.
# Alerts are rate-limited by the threshold keyword to one per source address per 60 seconds.
alert udp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Ransomware/Cerber Checkin 2"; dsize:<11; content:"hi"; depth:2; fast_pattern; pcre:"/^[a-f0-9]{7,}$/R"; threshold: type both, track by_src, count 1, seconds 60; reference:md5,ac4d7fb5739862e9914556ed5d50f84f; classtype:trojan-activity; sid:2023453; rev:5;)

Added 2016-10-27 18:20:30 UTC

