|
DarkCloud
|
|
2
|
415
|
August 9, 2023
|
|
Phemedrone Stealer
|
|
1
|
257
|
August 7, 2023
|
|
Possible FP - JA3 Hash - [Abuse.ch] Possible Adware
|
|
1
|
323
|
August 1, 2023
|
|
PennyWise Stealer - Update on rules
|
|
2
|
431
|
July 28, 2023
|
|
Hydrochasma (Fast Reverse Proxy)
|
|
7
|
581
|
July 27, 2023
|
|
SIGNATURE: MalDoc/Gamaredon CnC: (ADMIN- prepend)
|
|
2
|
319
|
July 27, 2023
|
|
Lazarus APT Backdoor
|
|
5
|
698
|
July 27, 2023
|
|
Rockwell cve 2023-3595 and 2023-3596 signatures
|
|
0
|
618
|
July 20, 2023
|
|
Konni.APT
|
|
1
|
444
|
July 14, 2023
|
|
Possible FP: ET MALWARE Sourtoff Receiving Simda Payload
|
|
4
|
297
|
July 7, 2023
|
|
Mystic Stealer signature
|
|
6
|
669
|
June 28, 2023
|
|
StatusRecorder
|
|
1
|
381
|
June 27, 2023
|
|
ObserverStealer
|
|
5
|
560
|
June 23, 2023
|
|
GoodMorning Ransomware
|
|
7
|
465
|
June 23, 2023
|
|
FPs on new sig 2854494
|
|
2
|
204
|
June 20, 2023
|
|
SIG: MoveIt File Transfer WebShell Interaction
|
|
3
|
715
|
June 13, 2023
|
|
DynamicRAT
|
|
2
|
545
|
June 10, 2023
|
|
Gurcu stealer report outbound
|
|
7
|
414
|
May 30, 2023
|
|
New Signature: MalDoc/Gamaredon CnC Activity
|
|
1
|
198
|
May 19, 2023
|
|
Tracemap checkin
|
|
2
|
229
|
May 19, 2023
|
|
False positive for SID 2015813?: DNS Query Sinkhole Domain
|
|
1
|
304
|
May 15, 2023
|
|
Need a feedback about Kerio Control rule that's blocking the web, domen, even application
|
|
3
|
251
|
May 1, 2023
|
|
Possible FP on 2044745 (SOMNIRECORD Backdoor CMD Command in DNS Query)?
|
|
2
|
629
|
March 23, 2023
|
|
2013914: Not really relevant anymore?
|
|
1
|
288
|
March 9, 2023
|
|
GitLab Pre-Auth RCE (CVE-2021-22205) Signature
|
|
3
|
597
|
February 18, 2023
|
|
Kelios check in
|
|
2
|
387
|
February 3, 2023
|
|
Boost Beast check in and response
|
|
3
|
230
|
January 31, 2023
|
|
GCleaner Sig Submission
|
|
1
|
433
|
January 31, 2023
|
|
More DCRat Sig Submissions
|
|
2
|
182
|
January 20, 2023
|
|
DCRat Sig Submission
|
|
2
|
433
|
January 12, 2023
|