|
About the Rule Signatures category
|
|
0
|
487
|
September 12, 2022
|
|
Eternity Clipper
|
|
4
|
96
|
September 27, 2023
|
|
NStealer v2
|
|
3
|
73
|
September 25, 2023
|
|
DarkCrystal RAT
|
|
11
|
153
|
September 21, 2023
|
|
Lumma Stealer Updates
|
|
2
|
107
|
September 15, 2023
|
|
Lumma Stealer Configuration
|
|
6
|
314
|
September 15, 2023
|
|
Echida Botnet
|
|
3
|
153
|
September 11, 2023
|
|
JSCAPE MFT Binary Management Java Deserialization - CVE-2023-4528
|
|
0
|
63
|
September 8, 2023
|
|
SIG: ET MOBILE_MALWARE Android/InfamousChisel.InfoStealer APT28/SANDWORM Data Exfiltration
|
|
2
|
119
|
September 1, 2023
|
|
TheBoxClipper
|
|
2
|
188
|
August 30, 2023
|
|
RootTeam Stealer and overlap issues on Bandit Stealer rule detection
|
|
7
|
323
|
August 29, 2023
|
|
Mekotio
|
|
2
|
108
|
August 24, 2023
|
|
RisePro TCP v.0.1
|
|
4
|
296
|
August 17, 2023
|
|
Parallax Rat
|
|
3
|
133
|
August 14, 2023
|
|
SIG: CloudFlare Tunnel DNS Query For argotunnel.com
|
|
2
|
78
|
August 14, 2023
|
|
Poverty Stealer
|
|
6
|
350
|
August 12, 2023
|
|
StealC Stealer
|
|
5
|
194
|
August 11, 2023
|
|
DarkCloud
|
|
2
|
129
|
August 9, 2023
|
|
Phemedrone Stealer
|
|
1
|
91
|
August 7, 2023
|
|
Possible FP - JA3 Hash - [Abuse.ch] Possible Adware
|
|
1
|
87
|
August 1, 2023
|
|
Cryptbot Stealer - Update on Rules
|
|
2
|
160
|
July 29, 2023
|
|
PennyWise Stealer - Update on rules
|
|
2
|
207
|
July 28, 2023
|
|
Hydrochasma (Fast Reverse Proxy)
|
|
7
|
255
|
July 27, 2023
|
|
SIGNATURE: MalDoc/Gamaredon CnC: (ADMIN- prepend)
|
|
2
|
105
|
July 27, 2023
|
|
Lazarus APT Backdoor
|
|
5
|
253
|
July 27, 2023
|
|
Rockwell cve 2023-3595 and 2023-3596 signatures
|
|
0
|
371
|
July 20, 2023
|
|
Konni.APT
|
|
1
|
174
|
July 14, 2023
|
|
Possible FP: ET MALWARE Sourtoff Receiving Simda Payload
|
|
4
|
120
|
July 7, 2023
|
|
Medusa Stealer
|
|
4
|
311
|
June 29, 2023
|
|
Mystic Stealer signature
|
|
6
|
273
|
June 28, 2023
|