Ruleset Update Summary - 2024/09/19 - v10699

Ruleset Updates
1

Summary:

0 new OPEN, 0 new PRO (0 + 0)

Modified inactive rules:

  • 2034090 - ET POLICY External IP Lookup via ad4989 .co .kr (policy.rules)
  • 2035896 - ET MALWARE Observed SocGholish Domain in TLS SNI (malware.rules)
  • 2038948 - ET MALWARE SocGholish Domain in DNS Lookup (casting .faeryfox .com) (malware.rules)
  • 2038949 - ET MALWARE SocGholish Domain in DNS Lookup (predator .foxscalesjewelry .com) (malware.rules)
  • 2038950 - ET MALWARE SocGholish Domain in DNS Lookup (amplifier .myjesusloves .me) (malware.rules)
  • 2038951 - ET MALWARE SocGholish Domain in DNS Lookup (loans .mistakenumberone .com) (malware.rules)
  • 2038952 - ET MALWARE SocGholish Domain in DNS Lookup (restructuring .breatheinnew .life) (malware.rules)
  • 2038953 - ET MALWARE SocGholish Domain in DNS Lookup (prompt .zonashoppers .academy) (malware.rules)
  • 2038954 - ET MALWARE SocGholish Domain in DNS Lookup (hair .2topost .com) (malware.rules)
  • 2038955 - ET MALWARE SocGholish Domain in DNS Lookup (custom .usmuchmedia .com) (malware.rules)
  • 2038956 - ET MALWARE SocGholish CnC Domain in DNS Lookup (moments .abledity .com) (malware.rules)
  • 2038957 - ET MALWARE SocGholish Domain in DNS Lookup (notes .fumcpittsburg .org) (malware.rules)
  • 2038972 - ET MALWARE SocGholish Domain in DNS Lookup (tutorials .girandolashutkindconstruction .com) (malware.rules)
  • 2039001 - ET MALWARE SocGholish CnC Domain in DNS Lookup (jobs .registermegod .online) (malware.rules)
  • 2039002 - ET MALWARE SocGholish Domain in DNS Lookup (logistics .socialtrendsmanagement .com) (malware.rules)
  • 2039003 - ET MALWARE SocGholish Domain in DNS Lookup (football .4tosocial .com) (malware.rules)
  • 2039004 - ET MALWARE SocGholish Domain in DNS Lookup (memorial .4tosocialprofessional .com) (malware.rules)
  • 2039010 - ET MALWARE SocGholish Domain in DNS Lookup (people .zonashoppers .com) (malware.rules)
  • 2039026 - ET MALWARE SocGholish Domain in DNS Lookup (soendorg .top) (malware.rules)
  • 2039032 - ET MALWARE SocGholish Domain in DNS Lookup (training .c1ypsilanti .org) (malware.rules)
  • 2039033 - ET MALWARE SocGholish Domain in DNS Lookup (engine .discoveryhypnosis .com) (malware.rules)
  • 2039034 - ET MALWARE SocGholish Domain in DNS Lookup (fundraising .mystylingmylife .xyz) (malware.rules)
  • 2039035 - ET MALWARE SocGholish Domain in DNS Lookup (resale .adkelly .com) (malware.rules)
  • 2039036 - ET MALWARE SocGholish Domain in DNS Lookup (auction .wonderwomanquilts .com) (malware.rules)
  • 2039078 - ET MALWARE SocGholish Domain in DNS Lookup (premiere .4tosocialbeginners .com) (malware.rules)
  • 2039119 - ET MALWARE SocGholish CnC Domain in DNS Lookup (internal .blessedfoodshalalmeat .com) (malware.rules)
  • 2039136 - ET MALWARE SocGholish Domain in DNS Lookup (repo .allgoodsnservices .com) (malware.rules)
  • 2039137 - ET MALWARE SocGholish Domain in DNS Lookup (family .1ablecommunity .com) (malware.rules)
  • 2039138 - ET MALWARE SocGholish Domain in DNS Lookup (resort .reliablecommunityservices .com) (malware.rules)
  • 2039139 - ET MALWARE SocGholish Domain in DNS Lookup (ecar .allsunstates .com) (malware.rules)
  • 2039140 - ET MALWARE SocGholish CnC Domain in DNS Lookup (houses .in-vermont .com) (malware.rules)
  • 2039169 - ET MALWARE SocGholish CnC Domain in DNS Lookup (demand .sageyogatherapies .com) (malware.rules)
  • 2039416 - ET MALWARE SocGholish CnC Domain in DNS Lookup (offerings .love4lifewellness .com) (malware.rules)
  • 2039427 - ET MALWARE SocGholish Domain in DNS Lookup (festival .robingaster .com) (malware.rules)
  • 2039442 - ET MALWARE SocGholish Domain in DNS Lookup (consultant .meredithklemmblog .com) (malware.rules)
  • 2039443 - ET MALWARE SocGholish Domain in DNS Lookup (malware.rules)
  • 2039444 - ET MALWARE SocGholish CnC Domain in DNS Lookup (malware.rules)
  • 2039484 - ET MALWARE SocGholish CnC Domain in DNS Lookup (discover .jsfconnections .com) (malware.rules)
  • 2039510 - ET MALWARE SocGholish Domain in DNS Lookup (chess .north-atlantic .com) (malware.rules)
  • 2039585 - ET MALWARE SocGholish Domain in DNS Lookup (shipwrecks .ggentile .com) (malware.rules)
  • 2039597 - ET MALWARE SocGholish CnC Domain in DNS Lookup (portraits .studio-94-photography .com) (malware.rules)
  • 2039617 - ET MALWARE SocGholish Domain in DNS Lookup (squad .incumetrics .com) (malware.rules)
  • 2039620 - ET MALWARE SocGholish Domain in DNS Lookup (myfood .silverspringfoodproject .org) (malware.rules)
  • 2039623 - ET MALWARE SocGholish Domain in DNS Lookup (podcasts .momsgrabcoffee .com) (malware.rules)
  • 2039682 - ET INFO External IP Lookup Domain (peoplesearch .real .com) in DNS Lookup (info.rules)
  • 2039751 - ET MALWARE SocGholish Domain in DNS Lookup (course .netpickstrading .com) (malware.rules)
  • 2039752 - ET MALWARE SocGholish CnC Domain in DNS Lookup (campaign .tworiversboat .com) (malware.rules)
  • 2039757 - ET MALWARE SocGholish Domain in DNS Lookup (automatic .tworiversboats .com) (malware.rules)
  • 2039766 - ET MALWARE SocGholish CnC Domain in DNS Lookup (rate .coinangel .online) (malware.rules)
  • 2039780 - ET MALWARE SocGholish Domain in DNS Lookup (community .backpacktrader .com) (malware.rules)
  • 2039788 - ET MALWARE SocGholish Domain in DNS Lookup (casting .austinonline .shop) (malware.rules)
  • 2039789 - ET MALWARE SocGholish Domain in DNS Lookup (collapse .tradingiswar .com) (malware.rules)
  • 2039790 - ET MALWARE SocGholish Domain in DNS Lookup (founder .carflower .pics) (malware.rules)
  • 2039791 - ET MALWARE SocGholish Domain in DNS Lookup (travel .dianatokaji .com) (malware.rules)
  • 2039792 - ET MALWARE SocGholish CnC Domain in DNS Lookup (diary .lojjh .com) (malware.rules)
  • 2039798 - ET MALWARE SocGholish Domain in DNS Lookup (factors .djbel .com) (malware.rules)
  • 2039817 - ET MALWARE SocGholish Domain in DNS Lookup (mini .ptipexcel .com) (malware.rules)
  • 2039830 - ET MALWARE SocGholish Domain in DNS Lookup (dashboard .skybacherslocker .com) (malware.rules)
  • 2039831 - ET MALWARE SocGholish Domain in DNS Lookup (montage .travelguidediva .com) (malware.rules)
  • 2039838 - ET MALWARE SocGholish Domain in DNS Lookup (hook .adieh .com) (malware.rules)
  • 2039839 - ET MALWARE SocGholish Domain in DNS Lookup (subscribe .3gbling .com) (malware.rules)
  • 2040145 - ET MALWARE SocGholish Domain in DNS Lookup (wiki .clotheslane .com) (malware.rules)
  • 2040146 - ET MALWARE SocGholish Domain in DNS Lookup (perspective .cdsignner .com) (malware.rules)
  • 2040147 - ET MALWARE SocGholish Domain in DNS Lookup (mask .covidturf .com) (malware.rules)
  • 2040148 - ET MALWARE SocGholish Domain in DNS Lookup (progress .cashdigger .com) (malware.rules)
  • 2041784 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .fate .truelance .com) (malware.rules)
  • 2042773 - ET MALWARE SocGholish Domain in DNS Lookup (modernism .designpaw .com) (malware.rules)
  • 2042774 - ET MALWARE SocGholish Domain in DNS Lookup (library .covebooks .com) (malware.rules)
  • 2042953 - ET MALWARE SocGholish Domain in DNS Lookup (fittingroom .gibbsjewelry .com) (malware.rules)
  • 2042954 - ET MALWARE SocGholish Domain in DNS Lookup (deposit .coveprice .com) (malware.rules)
  • 2042955 - ET MALWARE SocGholish Domain in DNS Lookup (brooklands .harteverything .com) (malware.rules)
  • 2042968 - ET MALWARE SocGholish Domain in DNS Lookup (navyseal .bezmail .com) (malware.rules)
  • 2042993 - ET MALWARE SocGholish Domain in DNS Lookup (governing .beautynic .com) (malware.rules)
  • 2042999 - ET MALWARE SocGholish Domain in DNS Lookup (group5 .corralphacap .com) (malware.rules)
  • 2043000 - ET MALWARE SocGholish Domain in DNS Lookup (navyseal .digijump .online) (malware.rules)
  • 2043001 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .shrubs .emptyisland .pics) (malware.rules)
  • 2043251 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .asset .tradingvein .xyz) (malware.rules)
  • 2043422 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .betting .cockroachracing .site) (malware.rules)
  • 2043456 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .market .dentureforfree .online) (malware.rules)
  • 2043457 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .rendezvous .tophandsome .gay) (malware.rules)
  • 2043458 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .signing .unitynotarypublic .com) (malware.rules)
  • 2044140 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .samples .muzikcitysound .com) (malware.rules)
  • 2044176 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .distributor .techsavvyauto .com) (malware.rules)
  • 2044177 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .picture .mercedesbestphoto .store) (malware.rules)
  • 2044257 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .calendar .wishmarkets .com) (malware.rules)
  • 2044316 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .decision .alshafipdk .com) (malware.rules)
  • 2044369 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .stuff .libertydentalcourse .ca) (malware.rules)
  • 2044536 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .tool .pearldentalgroup .ca) (malware.rules)
  • 2044630 - ET MALWARE SocGholish CnC Domain in DNS Lookup (*.favor.thehouseplantblog.com) (malware.rules)
  • 2044705 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .language .sebtomato .com) (malware.rules)
  • 2044793 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .lap .detroitdragway .com) (malware.rules)
  • 2044911 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .cloudid .teacherhamish .com) (malware.rules)
  • 2044984 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .reseller .wonderfulworldblog .com) (malware.rules)
  • 2045286 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .score .symposiumhaiti .com) (malware.rules)
  • 2045771 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .accounting .bridgemastersllc .com) (malware.rules)
  • 2045819 - ET MALWARE SocGholish Domain in DNS Lookup (training .defcon1 .us) (malware.rules)
  • 2045863 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .offer .rpacxtaxappeal .com) (malware.rules)
  • 2046069 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .nodes .gammalambdalambda .org) (malware.rules)
  • 2046301 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .rfc .zitoprohealth .com) (malware.rules)
  • 2046828 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .plan .gemmadeealexander .com) (malware.rules)
  • 2046866 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .plan .gemmadeealexander .com) (malware.rules)
  • 2047057 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .excluded .everyadpaysmefirst .com) (malware.rules)
  • 2047058 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .excluded .everyadpaysmefirst .com) (malware.rules)
  • 2047618 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .timeline .transversallearning .com) (malware.rules)
  • 2047619 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .timeline .transversallearning .com) (malware.rules)
  • 2047650 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .photo .beyoudcor .com) (malware.rules)
  • 2047651 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .photo .beyoudcor .com) (malware.rules)
  • 2047661 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .workout .oystergardener .net) (malware.rules)
  • 2047662 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .workout .oystergardener .net) (malware.rules)
  • 2047988 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .2023 .ebeenj .com) (malware.rules)
  • 2047989 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .2023 .ebeenj .com) (malware.rules)
  • 2048115 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .layout .oystergardens .us) (malware.rules)
  • 2048116 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .layout .oystergardens .us) (malware.rules)
  • 2048693 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .result .garrettcountygranfondo .org) (malware.rules)
  • 2048694 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .result .garrettcountygranfondo .org) (malware.rules)
  • 2049125 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .caching .oysterfloats .com) (malware.rules)
  • 2049126 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .caching .oysterfloats .com) (malware.rules)
  • 2049266 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .novelty .akibacreative .com) (malware.rules)
  • 2049267 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .novelty .akibacreative .com) (malware.rules)
  • 2049293 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .sync .oystergardens .club) (malware.rules)
  • 2049294 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .sync .oystergardens .club) (malware.rules)
  • 2049532 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .cloudid .coffeeonboard .com) (malware.rules)
  • 2049533 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .cloudid .coffeeonboard .com) (malware.rules)
  • 2049635 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .settings .oysterfloats .org) (malware.rules)
  • 2049636 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .settings .oysterfloats .org) (malware.rules)
  • 2049726 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .scheme .corycabana .net) (malware.rules)
  • 2049727 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .scheme .corycabana .net) (malware.rules)
  • 2049846 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .places .creeksidehuntingpreserve .com) (malware.rules)
  • 2049847 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .places .creeksidehuntingpreserve .com) (malware.rules)
  • 2050358 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .colors .usajicgu .com) (malware.rules)
  • 2050359 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .colors .usajicgu .com) (malware.rules)
  • 2050558 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .honors .howamerica .com) (malware.rules)
  • 2050559 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .honors .howamerica .com) (malware.rules)
  • 2050724 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .our .openarmscv .org) (malware.rules)
  • 2050725 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .our .openarmscv .org) (malware.rules)
  • 2050793 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .day .50adayplan .com) (malware.rules)
  • 2050794 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .day .50adayplan .com) (malware.rules)
  • 2050950 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .members .openarmscv .com) (malware.rules)
  • 2050951 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .members .openarmscv .com) (malware.rules)
  • 2051096 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .collection .aixpirts .com) (malware.rules)
  • 2051097 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .collection .aixpirts .com) (malware.rules)
  • 2051464 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .aus .mimico-cooperative .org) (malware.rules)
  • 2051465 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .aus .mimico-cooperative .org) (malware.rules)
  • 2051495 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .distributors .commdistinc .com) (malware.rules)
  • 2051496 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .distributors .commdistinc .com) (malware.rules)
  • 2051549 - ET MALWARE Lumma Stealer Related CnC Domain in DNS Lookup (lighterepisodeheighte .funs) (malware.rules)
  • 2051550 - ET MALWARE Lumma Stealer Related CnC Domain in DNS Lookup (superemeboxlogosites .pro) (malware.rules)
  • 2051551 - ET MALWARE Lumma Stealer Related CnC Domain in DNS Lookup (edurestunningcrackyow .funs) (malware.rules)
  • 2051552 - ET MALWARE Lumma Stealer Related CnC Domain in DNS Lookup (pooreveningfuseor .pww) (malware.rules)
  • 2051585 - ET MALWARE Lumma Stealer Related CnC Domain in DNS Lookup (edurestunningcrackyow .fung) (malware.rules)
  • 2051608 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .round .fishingreelinvestment .com) (malware.rules)
  • 2051609 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .round .fishingreelinvestment .com) (malware.rules)
  • 2051682 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .policy .donnafrey .com) (malware.rules)
  • 2051683 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .policy .donnafrey .com) (malware.rules)
  • 2051788 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .catching .fishingrealinvestments .com) (malware.rules)
  • 2051789 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .catching .fishingrealinvestments .com) (malware.rules)
  • 2051886 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .schedule .golfballnutz .com) (malware.rules)
  • 2051887 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .schedule .golfballnutz .com) (malware.rules)
  • 2051959 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .pool .hjdeboer .com) (malware.rules)
  • 2051960 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .schedule .golfballnutz .com) (malware.rules)
  • 2051965 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .loans .fishingreelinvestments .com) (malware.rules)
  • 2051966 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .loans .fishingreelinvestments .com) (malware.rules)
  • 2052088 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .register .arpsychotherapy .com) (malware.rules)
  • 2052089 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .register .arpsychotherapy .com) (malware.rules)
  • 2052170 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .anesthetics .biomedzglobal .com) (malware.rules)
  • 2052171 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .anesthetics .biomedzglobal .com) (malware.rules)
  • 2052213 - ET MALWARE Lumma Stealer Related CnC Domain in DNS Lookup (shatterbreathepsw .shop) (malware.rules)
  • 2052294 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .demo .betterbuiltdogs .com) (malware.rules)
  • 2052295 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .demo .betterbuiltdogs .com) (malware.rules)
  • 2052453 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .colo .oystergarden .net) (malware.rules)
  • 2052454 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .colo .oystergarden .net) (malware.rules)
  • 2052578 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .location .oysterfloats .us) (malware.rules)
  • 2052579 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .location .oysterfloats .us) (malware.rules)
  • 2052790 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .glue .oystergardening .net) (malware.rules)
  • 2052791 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .glue .oystergardening .net) (malware.rules)
  • 2052937 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .sticky .oystergardening .name) (malware.rules)
  • 2052938 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .sticky .oystergardening .name) (malware.rules)
  • 2053214 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .patent .international-med .com) (malware.rules)
  • 2053215 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .patent .international-med .com) (malware.rules)
  • 2053407 - ET MALWARE SocGholish CnC Domain in DNS (* .team .jessicabarrett .com) (malware.rules)
  • 2053408 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .team .jessicabarrett .com) (malware.rules)
  • 2053702 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .pages .microcloud360 .com) (malware.rules)
  • 2053703 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .pages .microcloud360 .com) (malware.rules)
  • 2053830 - ET MALWARE SocGholish CnC Domain in DNS (* .partners .gloriadeicr .com) (malware.rules)
  • 2053831 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .partners .gloriadeicr .com in TLS SNI) (malware.rules)
  • 2054194 - ET MALWARE SocGholish CnC Domain in DNS (* .fans .smalladventureguide .com) (malware.rules)
  • 2054195 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .fans .smalladventureguide .com in TLS SNI) (malware.rules)
  • 2054354 - ET MALWARE SocGholish CnC Domain in DNS (* .parish .chuathuongxot .org) (malware.rules)
  • 2054355 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .parish .chuathuongxot .org) (malware.rules)
  • 2054498 - ET MALWARE SocGholish CnC Domain in DNS (* .award .vuheritagefoundation .org) (malware.rules)
  • 2054499 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .award .vuheritagefoundation .org) (malware.rules)
  • 2055738 - ET MALWARE SocGholish CnC Domain in DNS (* .podcast .lisameyerson .com) (malware.rules)
  • 2055739 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .podcast .lisameyerson .com) (malware.rules)
  • 2843276 - ETPRO MALWARE Observed SocGholish Domain in TLS SNI (malware.rules)
  • 2843287 - ETPRO MALWARE Observed SocGholish Domain in TLS SNI (malware.rules)
  • 2843643 - ETPRO MALWARE Observed SocGholish Domain in TLS SNI (malware.rules)
  • 2843654 - ETPRO MALWARE Observed SocGholish Domain in TLS SNI (malware.rules)