Ruleset Update Summary - 2024/12/01 - v10770

Summary:

0 new OPEN, 0 new PRO (0 + 0)


Modified inactive rules:

  • 2043175 - ET PHISHING Office 365 Credential Harvesting Domain (rightofcourse .com) in DNS Lookup (phishing.rules)
  • 2043176 - ET PHISHING Office 365 Credential Harvesting Domain (rightofcourse .com) in TLS SNI (phishing.rules)
  • 2043177 - ET MALWARE linux.backdoor.wordpressexploit.1 CnC Domain (gabriellalovecats .com) in DNS Lookup (malware.rules)
  • 2043178 - ET MALWARE linux.backdoor.wordpressexploit.1 CnC Domain (transadforward .icu) in DNS Lookup (malware.rules)
  • 2043179 - ET MALWARE linux.backdoor.wordpressexploit.1 CnC Domain (tommyforgreendream .icu) in DNS Lookup (malware.rules)
  • 2043180 - ET MALWARE Observed linux.backdoor.wordpressexploit.1 Domain (gabriellalovecats .com) in TLS SNI (malware.rules)
  • 2043181 - ET MALWARE Observed linux.backdoor.wordpressexploit.1 Domain (transadforward .icu) in TLS SNI (malware.rules)
  • 2043182 - ET MALWARE Observed linux.backdoor.wordpressexploit.1 Domain (tommyforgreendream .icu) in TLS SNI (malware.rules)
  • 2043183 - ET MALWARE linux.backdoor.wordpressexploit.2 CnC Domain (clon .collectfasttracks .com) in DNS Lookup (malware.rules)
  • 2043185 - ET MALWARE linux.backdoor.wordpressexploit.2 CnC Domain (count .trackstatisticsss .com) in DNS Lookup (malware.rules)
  • 2043187 - ET MALWARE linux.backdoor.wordpressexploit.2 CnC Domain (deliverygoodstrategies .com) in DNS Lookup (malware.rules)
  • 2043188 - ET MALWARE Observed linux.backdoor.wordpressexploit.2 Domain (clon .collectfasttracks .com) in TLS SNI (malware.rules)
  • 2043226 - ET MALWARE Downloader/Linux.Agent CnC Domain (wget .hostname .help) in DNS Lookup (malware.rules)
  • 2043227 - ET MALWARE Downloader/Linux.Agent CnC Domain (pateu .freevar .com) in DNS Lookup (malware.rules)
  • 2043264 - ET MALWARE IcedID CnC Domain in DNS Lookup (malware.rules)
  • 2043265 - ET MALWARE IcedID CnC Domain in DNS Lookup (malware.rules)
  • 2043266 - ET MALWARE IcedID CnC Domain in DNS Lookup (malware.rules)
  • 2043267 - ET MALWARE IcedID CnC Domain in DNS Lookup (malware.rules)
  • 2043268 - ET MALWARE IcedID CnC Domain in DNS Lookup (malware.rules)
  • 2043269 - ET MALWARE IcedID CnC Domain in DNS Lookup (malware.rules)
  • 2043270 - ET MALWARE IcedID CnC Domain in DNS Lookup (malware.rules)
  • 2043271 - ET MALWARE IcedID CnC Domain in DNS Lookup (malware.rules)
  • 2043276 - ET MALWARE Observed IcedID Domain in DNS Lookup (bayernbadabum .com) (malware.rules)
  • 2043280 - ET MALWARE TA444 Related Domain (autoprotect .com .de) in DNS Lookup (malware.rules)
  • 2043281 - ET MALWARE TA444 Related Domain (autoprotect .gb .net) in DNS Lookup (malware.rules)
  • 2043282 - ET MALWARE TA444 Related Domain (azure-security .online) in DNS Lookup (malware.rules)
  • 2043283 - ET MALWARE TA444 Related Domain (azure-security .site) in DNS Lookup (malware.rules)
  • 2043307 - ET MALWARE Magecart Skimmer Domain in DNS Lookup (magento-cdn .net) (malware.rules)
  • 2043391 - ET MALWARE IcedID CnC Domain in DNS Lookup (needzolapa .com) (malware.rules)
  • 2043393 - ET MALWARE IcedID CnC Domain in DNS Lookup (avoymratax .com) (malware.rules)
  • 2043396 - ET MALWARE IcedID CnC Domain in DNS Lookup (wcollopracket .com) (malware.rules)
  • 2043399 - ET MALWARE IcedID CnC Domain in DNS Lookup (likasertik .shop) (malware.rules)
  • 2043402 - ET MALWARE IcedID CnC Domain in DNS Lookup (trinazhkoma .club) (malware.rules)
  • 2043403 - ET MALWARE IcedID CnC Domain in DNS Lookup (brakudafear .pics) (malware.rules)
  • 2043992 - ET MALWARE Observed DNS Query to IcedID Domain (swordnifhing .com) (malware.rules)
  • 2043993 - ET MALWARE Observed DNS Query to IcedID Domain (nomaeradiur .com) (malware.rules)
  • 2043994 - ET MALWARE Observed DNS Query to IcedID Domain (trotimera .com) (malware.rules)
  • 2043995 - ET MALWARE Observed DNS Query to IcedID Domain (tibloautonef .com) (malware.rules)
  • 2044045 - ET MALWARE Phorpiex CnC Domain (twizt .org) in DNS Lookup (malware.rules)
  • 2044046 - ET INFO URL Shortener Service (fanlink .to) in DNS Lookup (info.rules)
  • 2044048 - ET MALWARE Ice Breaker Backdoor CnC Domain (xn–screnshot-iib .net) in DNS Lookup (malware.rules)
  • 2044049 - ET MALWARE Ice Breaker Backdoor CnC Domain (ponzix .net) in DNS Lookup (malware.rules)
  • 2044050 - ET MALWARE Ice Breaker Backdoor CnC Domain (screenshotlite .com) in DNS Lookup (malware.rules)
  • 2044051 - ET MALWARE Ice Breaker Backdoor CnC Domain (screenshot .icu) in DNS Lookup (malware.rules)
  • 2044052 - ET MALWARE Ice Breaker Backdoor CnC Domain (xn–screnshot-jib .net) in DNS Lookup (malware.rules)
  • 2044053 - ET MALWARE Ice Breaker Backdoor CnC Domain (screenshotcap .com) in DNS Lookup (malware.rules)
  • 2044055 - ET MALWARE Observed DNS Query to IcedID Domain (alijhaborta .com) (malware.rules)
  • 2044056 - ET MALWARE Observed DNS Query to IcedID Domain (qoipaboni .com) (malware.rules)
  • 2044057 - ET MALWARE Observed DNS Query to IcedID Domain (windmencherser .com) (malware.rules)
  • 2044058 - ET MALWARE Observed DNS Query to IcedID Domain (leftcatrheringg .com) (malware.rules)
  • 2044059 - ET MALWARE Observed DNS Query to IcedID Domain (yelsopotre .com) (malware.rules)
  • 2044060 - ET MALWARE Observed DNS Query to IcedID Domain (headertolz .com) (malware.rules)
  • 2044087 - ET INFO Microsoft Defender Attack Simulation Training Domain in DNS Lookup (officenced .com) (info.rules)
  • 2044088 - ET INFO Microsoft Defender Attack Simulation Training Domain in DNS Lookup (prizemons .com) (info.rules)
  • 2044090 - ET INFO Microsoft Defender Attack Simulation Training Domain in DNS Lookup (prizewel .com) (info.rules)
  • 2044091 - ET INFO Microsoft Defender Attack Simulation Training Domain in DNS Lookup (sharesbyte .com) (info.rules)
  • 2044092 - ET INFO Microsoft Defender Attack Simulation Training Domain in DNS Lookup (sharession .com) (info.rules)
  • 2044093 - ET INFO Microsoft Defender Attack Simulation Training Domain in DNS Lookup (prizegives .com) (info.rules)
  • 2044094 - ET INFO Microsoft Defender Attack Simulation Training Domain in DNS Lookup (prizewings .com) (info.rules)
  • 2044095 - ET INFO Microsoft Defender Attack Simulation Training Domain in DNS Lookup (doctricant .com) (info.rules)
  • 2044096 - ET INFO Microsoft Defender Attack Simulation Training Domain in DNS Lookup (attemplate .com) (info.rules)
  • 2044097 - ET INFO Microsoft Defender Attack Simulation Training Domain in DNS Lookup (templatent .com) (info.rules)
  • 2044098 - ET INFO Microsoft Defender Attack Simulation Training Domain in DNS Lookup (sharepointle .com) (info.rules)
  • 2044099 - ET INFO Microsoft Defender Attack Simulation Training Domain in DNS Lookup (officences .com) (info.rules)
  • 2044100 - ET INFO Microsoft Defender Attack Simulation Training Domain in DNS Lookup (sharestion .com) (info.rules)
  • 2044101 - ET INFO Microsoft Defender Attack Simulation Training Domain in DNS Lookup (sharepointin .com) (info.rules)
  • 2044102 - ET INFO Microsoft Defender Attack Simulation Training Domain in DNS Lookup (officested .com) (info.rules)
  • 2044103 - ET INFO Microsoft Defender Attack Simulation Training Domain in DNS Lookup (mcsharepoint .com) (info.rules)
  • 2044104 - ET INFO Microsoft Defender Attack Simulation Training Domain in DNS Lookup (officence .com) (info.rules)
  • 2044105 - ET INFO Microsoft Defender Attack Simulation Training Domain in DNS Lookup (templatern .com) (info.rules)
  • 2044106 - ET INFO Microsoft Defender Attack Simulation Training Domain in DNS Lookup (sharepointen .com) (info.rules)
  • 2044107 - ET INFO Microsoft Defender Attack Simulation Training Domain in DNS Lookup (officentry .com) (info.rules)
  • 2044108 - ET INFO Microsoft Defender Attack Simulation Training Domain in DNS Lookup (templateau .com) (info.rules)
  • 2044109 - ET INFO Microsoft Defender Attack Simulation Training Domain in DNS Lookup (shareholds .com) (info.rules)
  • 2044110 - ET INFO Microsoft Defender Attack Simulation Training Domain in DNS Lookup (windocyte .com) (info.rules)
  • 2044113 - ET MALWARE Patchwork APT BADNEWS CnC Domain (bingoplant .live) in DNS Lookup (malware.rules)
  • 2044151 - ET INFO URL Shortening Service Domain in DNS Lookup (surl .li) (info.rules)
  • 2044152 - ET MALWARE TA444 Related Domain in DNS Lookup (safe .doc-share .cloud) (malware.rules)
  • 2044153 - ET MALWARE TA444 Related Domain in DNS Lookup (autoprotect .com .se) (malware.rules)
  • 2044167 - ET MALWARE DonotGroup Related Domain in DNS Lookup (records .libutires .info) (malware.rules)
  • 2044174 - ET MALWARE Malicious Node.js Module aabquerys payload delivery domain (github .elemecdn .com) in DNS Lookup (malware.rules)
  • 2044175 - ET MALWARE Havoc RAT CnC Domain (zh .googlecdnb .tk) in DNS Lookup (malware.rules)
  • 2044184 - ET MALWARE Backdoored Xpopup Domain (xpopup .com) in DNS Lookup (malware.rules)
  • 2044185 - ET PHISHING AWS Phishing Domain (aws1-console-login .us) in DNS Lookup (phishing.rules)
  • 2044186 - ET PHISHING AWS Phishing Domain (us2-eat-a-w-s .blogspot .com) in DNS Lookup (phishing.rules)
  • 2044198 - ET MALWARE Donot Group Related Domain in DNS Lookup (mayosasa .buzz) (malware.rules)
  • 2044202 - ET MALWARE Donot APT Related Domain in DNS Lookup (best .tasterschoice .shop) (malware.rules)
  • 2044203 - ET MALWARE Donot APT Related Domain in DNS Lookup (blogs .tourseasons .xyz) (malware.rules)
  • 2044204 - ET MALWARE Donot APT Related Domain in DNS Lookup (blogs .libraryutilitis .live) (malware.rules)
  • 2044210 - ET MALWARE Dalbit Group CnC Domain (m00nlight .top) in DNS Lookup (malware.rules)
  • 2044211 - ET MALWARE Dalbit Group CnC Domain (zxcss .com) in DNS Lookup (malware.rules)
  • 2044314 - ET MALWARE Cobalt Strike CnC Domain (alidocs .dingtalk .com .wswebpic .com) in DNS Lookup (malware.rules)
  • 2044361 - ET MALWARE Win32/S1deload Stealer CnC Domain (ytb .dolala .xyz) in DNS Lookup (malware.rules)
  • 2044362 - ET MALWARE Win32/S1deload Stealer CnC Domain (shopproxy .live) in DNS Lookup (malware.rules)
  • 2044382 - ET MALWARE Donot Group APT Related Domain in DNS Lookup (briefdeal .buzz) (malware.rules)
  • 2044385 - ET MALWARE Donot Group APT Related Domain in DNS Lookup (winterhero .buzz) (malware.rules)
  • 2044400 - ET MALWARE IcedID CnC Domain (neonmilkustaers .com) in DNS Lookup (malware.rules)
  • 2044401 - ET MALWARE IcedID CnC Domain (whothitheka .com) in DNS Lookup (malware.rules)
  • 2044402 - ET MALWARE IcedID CnC Domain (trbiriumpa .com) in DNS Lookup (malware.rules)
  • 2044403 - ET MALWARE IcedID CnC Domain (svoykbragudern .com) in DNS Lookup (malware.rules)
  • 2044404 - ET MALWARE 8220 Gang CnC Domain (jira .letmaker .top) in DNS Lookup (malware.rules)
  • 2044405 - ET MALWARE 8220 Gang CnC Domain (dw .bpdeliver .ru) in DNS Lookup (malware.rules)
  • 2044406 - ET MALWARE 8220 Gang CnC Domain (fbi .su1001-2 .top) in DNS Lookup (malware.rules)
  • 2044437 - ET MALWARE Maldoc Related Domain in DNS Lookup (nationalweatherserviceapp .com) (malware.rules)
  • 2044439 - ET MALWARE Observed DNS Query to Gamaredon Domain (payampo .ru) (malware.rules)
  • 2044440 - ET MALWARE Observed DNS Query to Gamaredon Domain (osmanpo .ru) (malware.rules)
  • 2044441 - ET MALWARE Observed DNS Query to Gamaredon Domain (muhsingo .ru) (malware.rules)
  • 2044442 - ET MALWARE Observed DNS Query to Gamaredon Domain (myuridgo .ru) (malware.rules)
  • 2044443 - ET MALWARE Observed DNS Query to Gamaredon Domain (ogtaypi .ru) (malware.rules)
  • 2044444 - ET MALWARE Observed DNS Query to Gamaredon Domain (orduhanpi .ru) (malware.rules)
  • 2044445 - ET MALWARE Observed DNS Query to Gamaredon Domain (muhtargo .ru) (malware.rules)
  • 2044451 - ET MALWARE Lockbit Ransomware Related Domain (poliovocalist .com) in DNS Lookup (malware.rules)
  • 2044506 - ET MALWARE SYS01 Information Stealer CnC Domain (seemlabie .top) in DNS Lookup (malware.rules)
  • 2044507 - ET MALWARE SYS01 Information Stealer CnC Domain (craceruib .top) in DNS Lookup (malware.rules)
  • 2044508 - ET MALWARE SYS01 Information Stealer CnC Domain (oscarnaija .com) in DNS Lookup (malware.rules)
  • 2044509 - ET MALWARE SYS01 Information Stealer CnC Domain (caseiden .com) in DNS Lookup (malware.rules)
  • 2044510 - ET MALWARE SYS01 Information Stealer CnC Domain (mahinetain .top) in DNS Lookup (malware.rules)
  • 2044512 - ET MALWARE SYS01 Information Stealer CnC Domain (graeslavur .com) in DNS Lookup (malware.rules)
  • 2044514 - ET MALWARE SYS01 Information Stealer CnC Domain (baglamanotalari .com) in DNS Lookup (malware.rules)
  • 2044515 - ET MALWARE SYS01 Information Stealer CnC Domain (seleriti .com) in DNS Lookup (malware.rules)
  • 2044521 - ET MALWARE TA444 Related Domain in DNS Lookup (azure .doc-view .cloud) (malware.rules)
  • 2044525 - ET MALWARE PlugX Related Domain in DNS Lookup (cdn .imango .ink) (malware.rules)
  • 2044526 - ET MALWARE PlugX Related Domain in DNS Lookup (api .imango .ink) (malware.rules)
  • 2044555 - ET MALWARE SocGholish NetSupport Dropper Domain in DNS Lookup (gybvhxu .top) (malware.rules)
  • 2044561 - ET MALWARE Prometei Botnet CnC Domain (feefreepool .net) in DNS Lookup (malware.rules)
  • 2044578 - ET MALWARE Crypto Drainer CnC Domain (pingpongtool .xyz) in DNS Lookup (malware.rules)
  • 2044579 - ET MALWARE Crypto Drainer CnC Domain (rewards-decentraland .com) in DNS Lookup (malware.rules)
  • 2044580 - ET MALWARE Crypto Drainer CnC Domain (usdc-circle .com) in DNS Lookup (malware.rules)
  • 2044581 - ET MALWARE Crypto Drainer CnC Domain (redeem-circle .com) in DNS Lookup (malware.rules)
  • 2044601 - ET MALWARE Observed DNS Query to LIGHTSHOW Domain (sede .lamarinadevalencia .com) (malware.rules)
  • 2044602 - ET MALWARE Observed DNS Query to LIGHTSHOW Domain (abba-servicios .mx) (malware.rules)
  • 2044605 - ET MALWARE Observed DNS Query to LIGHTSHOW Domain (webinternal .anyplex .com) (malware.rules)
  • 2044607 - ET MALWARE Observed DNS Query to LIGHTSHOW Domain (ruscheltelefonia .com .br) (malware.rules)
  • 2044609 - ET MALWARE Observed DNS Query to LIGHTSHOW Domain (keewoom .co .kr) (malware.rules)
  • 2044610 - ET MALWARE Observed DNS Query to LIGHTSHOW Domain (olidhealth .com) (malware.rules)
  • 2044611 - ET MALWARE Observed DNS Query to LIGHTSHOW Domain (mantis .quick .net .pl) (malware.rules)
  • 2044612 - ET MALWARE Observed DNS Query to LIGHTSHOW Domain (toptradenews .com) (malware.rules)
  • 2044613 - ET MALWARE Observed DNS Query to LIGHTSHOW Domain (crickethighlights .today) (malware.rules)
  • 2044614 - ET MALWARE Observed DNS Query to Kimsuky Domain (mpevalr .ria .monster) (malware.rules)
  • 2044631 - ET MALWARE GoBruteForcer CnC Domain (fi .warmachine .su) in DNS Lookup (malware.rules)
  • 2044649 - ET MALWARE Observed DNS Query to Gamaredon Domain (talehgi .ru) (malware.rules)
  • 2044650 - ET MALWARE Observed DNS Query to Gamaredon Domain (ravaet .ru) (malware.rules)
  • 2044657 - ET MALWARE Wintern Vivern CnC Domain (marakanas .com) in DNS Lookup (malware.rules)
  • 2044660 - ET MALWARE Wintern Vivern CnC Domain (ocspdep .com) in DNS Lookup (malware.rules)
  • 2044661 - ET MALWARE Wintern Vivern CnC Domain (security-ocsp .com) in DNS Lookup (malware.rules)
  • 2044698 - ET MALWARE Observed DNS Query to Gamaredon Domain (makasd .ru) (malware.rules)
  • 2044699 - ET MALWARE Observed DNS Query to Gamaredon Domain (gojoxa .ru) (malware.rules)
  • 2044700 - ET MALWARE Observed DNS Query to Gamaredon Domain (baralap .ru) (malware.rules)
  • 2044701 - ET MALWARE Observed DNS Query to Gamaredon Domain (rasulla .ru) (malware.rules)
  • 2044718 - ET MALWARE Observed DNS Query to Bad Magic APT Domain (webservice-srv .online) (malware.rules)
  • 2044719 - ET MALWARE Observed DNS Query to Bad Magic APT Domain (webservice-srv1 .online) (malware.rules)
  • 2044720 - ET INFO Free File Hosting Domain (sendbig .com) in DNS Lookup (info.rules)
  • 2044721 - ET INFO Free File Hosting Domain (sendbig .com) in TLS SNI (info.rules)
  • 2044733 - ET MALWARE DonotGroup Related Domain in DNS Lookup (roosterguy .online) (malware.rules)
  • 2044743 - ET MALWARE SOMNIRECORD CnC Domain in DNS Lookup (dafadfweer .top) (malware.rules)
  • 2044772 - ET MALWARE Observed DNS Query to Gamaredon Domain (cumbersome .ru) (malware.rules)
  • 2044773 - ET MALWARE Observed DNS Query to Gamaredon Domain (narutasx .ru) (malware.rules)
  • 2044774 - ET MALWARE Observed DNS Query to Gamaredon Domain (vohod .ru) (malware.rules)
  • 2044775 - ET MALWARE Observed DNS Query to Gamaredon Domain (highfalutin .ru) (malware.rules)
  • 2044776 - ET MALWARE Observed DNS Query to Gamaredon Domain (parsimonious .ru) (malware.rules)
  • 2044777 - ET MALWARE Observed DNS Query to Gamaredon Domain (caramelas .ru) (malware.rules)
  • 2044778 - ET MALWARE Observed DNS Query to Gamaredon Domain (quizzical .ru) (malware.rules)
  • 2044779 - ET MALWARE Observed DNS Query to Gamaredon Domain (heartbreaking .ru) (malware.rules)
  • 2044836 - ET MALWARE Observed DNS Query to Gamaredon Domain (saadipo .ru) (malware.rules)
  • 2044837 - ET MALWARE Observed DNS Query to Gamaredon Domain (sabirpo .ru) (malware.rules)
  • 2044838 - ET MALWARE Observed DNS Query to Gamaredon Domain (rufatpo .ru) (malware.rules)
  • 2044839 - ET MALWARE Observed DNS Query to Gamaredon Domain (raidla .ru) (malware.rules)
  • 2044842 - ET MALWARE DBatLoader CnC Domain (silverline .com .sg) in DNS Lookup (malware.rules)
  • 2044888 - ET MALWARE Snake Keylogger Domain in DNS Lookup (xfl .mooo .com) (malware.rules)
  • 2044899 - ET MALWARE Gamaredon Domain in DNS Lookup (aykutpo .ru) (malware.rules)
  • 2044900 - ET MALWARE Gamaredon Domain in DNS Lookup (aychobanpo .ru) (malware.rules)
  • 2044901 - ET MALWARE Gamaredon Domain in DNS Lookup (ayzakpo .ru) (malware.rules)
  • 2044902 - ET MALWARE Gamaredon Domain in DNS Lookup (altamishpo .ru) (malware.rules)
  • 2044928 - ET MALWARE TA444 Related Domain in DNS Lookup (safe .shared-document .cloud) (malware.rules)
  • 2044929 - ET MALWARE TA444 Related Domain in DNS Lookup (spirtblockchain .com) (malware.rules)
  • 2044930 - ET MALWARE TA444 Related Domain in DNS Lookup (arbordeck .co .in) (malware.rules)
  • 2044956 - ET MALWARE Donot Domain in DNS Lookup (dripgift .live) (malware.rules)
  • 2044957 - ET EXPLOIT_KIT TA569 Keitaro TDS Domain in DNS Lookup (jquery0 .com) (exploit_kit.rules)
  • 2044958 - ET EXPLOIT_KIT TA569 Keitaro TDS Domain in DNS Lookup (jquery01 .com) (exploit_kit.rules)
  • 2044959 - ET EXPLOIT_KIT TA569 Keitaro TDS Domain in DNS Lookup (jquery-bin .com) (exploit_kit.rules)
  • 2044994 - ET MALWARE Gamaredon APT Related Domain in DNS Lookup (unsuitable .ru) (malware.rules)
  • 2044995 - ET MALWARE Gamaredon APT Related Domain in DNS Lookup (vesterac .ru) (malware.rules)
  • 2044996 - ET MALWARE Gamaredon APT Related Domain in DNS Lookup (hctntmc .ru) (malware.rules)
  • 2044997 - ET MALWARE Gamaredon APT Related Domain in DNS Lookup (superficial .ru) (malware.rules)
  • 2045007 - ET MALWARE Observed DNS Query to Gamaredon Domain (atonpi .ru) (malware.rules)
  • 2045008 - ET MALWARE Observed DNS Query to Gamaredon Domain (akenatonbo .ru) (malware.rules)
  • 2045009 - ET MALWARE Observed DNS Query to Gamaredon Domain (aktaypo .ru) (malware.rules)
  • 2045010 - ET MALWARE Observed DNS Query to Gamaredon Domain (anumbo .ru) (malware.rules)
  • 2045011 - ET MALWARE Observed DNS Query to Gamaredon Domain (amonbo .ru) (malware.rules)
  • 2045012 - ET MALWARE Observed DNS Query to Gamaredon Domain (asheypi .ru) (malware.rules)
  • 2045016 - ET MALWARE Observed DNS Query to Gamaredon Domain (altugpo .ru) (malware.rules)
  • 2045017 - ET MALWARE Observed DNS Query to Gamaredon Domain (agshinpo .ru) (malware.rules)
  • 2045018 - ET MALWARE Observed DNS Query to Gamaredon Domain (velevas .ru) (malware.rules)
  • 2045019 - ET MALWARE Observed DNS Query to Gamaredon Domain (akyuldizpo .ru) (malware.rules)
  • 2045021 - ET MALWARE Observed DNS Query to Gamaredon Domain (alpaslanpo .ru) (malware.rules)
  • 2045023 - ET MALWARE Observed DNS Query to Gamaredon Domain (uranic .ru) (malware.rules)
  • 2045024 - ET MALWARE Observed DNS Query to Gamaredon Domain (agasypo .ru) (malware.rules)
  • 2045025 - ET MALWARE Observed DNS Query to Gamaredon Domain (ayrympo .ru) (malware.rules)
  • 2045026 - ET MALWARE Observed DNS Query to Gamaredon Domain (aydoganpo .ru) (malware.rules)
  • 2045027 - ET MALWARE Observed DNS Query to Gamaredon Domain (aktanpo .ru) (malware.rules)
  • 2045028 - ET MALWARE Observed DNS Query to Gamaredon Domain (aytashpo .ru) (malware.rules)
  • 2045029 - ET MALWARE Observed DNS Query to Gamaredon Domain (nalogw .ru) (malware.rules)
  • 2045030 - ET MALWARE Observed DNS Query to Gamaredon Domain (aytyurkpo .ru) (malware.rules)
  • 2045031 - ET MALWARE Observed DNS Query to Gamaredon Domain (baharas .ru) (malware.rules)
  • 2045032 - ET MALWARE Observed DNS Query to Gamaredon Domain (lefant .ru) (malware.rules)
  • 2045033 - ET MALWARE Observed DNS Query to Gamaredon Domain (agakiypo .ru) (malware.rules)
  • 2045034 - ET MALWARE Observed DNS Query to Gamaredon Domain (agastanpo .ru) (malware.rules)
  • 2045035 - ET MALWARE Observed DNS Query to Nemesis Domain (es-megadom .com) (malware.rules)
  • 2045037 - ET MALWARE Observed DNS Query to Nemesis Domain (deveparty .com) (malware.rules)
  • 2045042 - ET MALWARE Gamaredon APT Related Domain in DNS Lookup (barakapi .ru) (malware.rules)
  • 2045043 - ET MALWARE Gamaredon APT Related Domain in DNS Lookup (badrupi .ru) (malware.rules)
  • 2045044 - ET MALWARE Gamaredon APT Related Domain in DNS Lookup (ahmozpi .ru) (malware.rules)
  • 2045045 - ET MALWARE Gamaredon APT Related Domain in DNS Lookup (bakaripi .ru) (malware.rules)
  • 2045048 - ET MALWARE Gamaredon APT Related Domain in DNS Lookup (akenatonbo .ru) (malware.rules)
  • 2045049 - ET MALWARE Gamaredon APT Related Domain in DNS Lookup (asheypi .ru) (malware.rules)
  • 2045050 - ET MALWARE Gamaredon APT Related Domain in DNS Lookup (atonpi .ru) (malware.rules)
  • 2045051 - ET MALWARE Gamaredon APT Related Domain in DNS Lookup (anumbo .ru) (malware.rules)
  • 2045052 - ET MALWARE Gamaredon APT Related Domain in DNS Lookup (aktaypo .ru) (malware.rules)
  • 2045053 - ET MALWARE Gamaredon APT Related Domain in DNS Lookup (amonbo .ru) (malware.rules)
  • 2045109 - ET MALWARE Observed DNS Query to TA444 Domain (nbright .best) (malware.rules)
  • 2045110 - ET MALWARE FROZENBARENTS (SANDWORM) APT Related Domain in DNS Lookup (cpcpipe .org) (malware.rules)
  • 2045111 - ET MALWARE FROZENBARENTS (SANDWORM) APT Related Domain in DNS Lookup (ukroboronprom .com .ukr .pm) (malware.rules)
  • 2045112 - ET MALWARE FROZENBARENTS (SANDWORM) APT Related Domain in DNS Lookup (cpcpipe .com) (malware.rules)
  • 2045119 - ET MALWARE Cuba Ransomware Related Domain in DNS Lookup (masterofdigital .org) (malware.rules)
  • 2045157 - ET MALWARE TA444 Related Domain in DNS Lookup (malware.rules)
  • 2045167 - ET MALWARE DNS Query to Gamaredon Domain (bankoulpi .ru) (malware.rules)
  • 2045168 - ET MALWARE DNS Query to Gamaredon Domain (barutipi .ru) (malware.rules)
  • 2045169 - ET MALWARE DNS Query to Gamaredon Domain (apispi .ru) (malware.rules)
  • 2045170 - ET MALWARE DNS Query to Gamaredon Domain (anherpi .ru) (malware.rules)
  • 2045171 - ET MALWARE DNS Query to Gamaredon Domain (fushiguro .ru) (malware.rules)
  • 2045172 - ET MALWARE DNS Query to Gamaredon Domain (22defeated .ayrympo .ru) (malware.rules)
  • 2045188 - ET MALWARE Gamaredon APT Domain in DNS Lookup (ruizchris .ru) (malware.rules)
  • 2045189 - ET MALWARE Gamaredon APT Domain in DNS Lookup (valasati .ru) (malware.rules)
  • 2045190 - ET MALWARE Gamaredon APT Domain in DNS Lookup (ayarimar .ru) (malware.rules)
  • 2045191 - ET MALWARE Gamaredon APT Domain in DNS Lookup (nutriag .ru) (malware.rules)
  • 2045192 - ET MALWARE Gamaredon APT Domain in DNS Lookup (vilaverde .ru) (malware.rules)
  • 2045193 - ET MALWARE Gamaredon APT Domain in DNS Lookup (fortunyzo .ru) (malware.rules)
  • 2045194 - ET MALWARE Gamaredon APT Domain in DNS Lookup (dussaut .ru) (malware.rules)
  • 2045195 - ET MALWARE Gamaredon APT Domain in DNS Lookup (samiseto .ru) (malware.rules)
  • 2045196 - ET MALWARE Gamaredon APT Domain in DNS Lookup (boraito .ru) (malware.rules)
  • 2045197 - ET MALWARE Gamaredon APT Domain in DNS Lookup (enokida .ru) (malware.rules)
  • 2045198 - ET MALWARE Gamaredon APT Domain in DNS Lookup (kaigitang .ru) (malware.rules)
  • 2045227 - ET MALWARE Gamaredon APT Domain in DNS Lookup (nahalx .ru) (malware.rules)
  • 2045228 - ET MALWARE Gamaredon APT Domain in DNS Lookup (baraslx .ru) (malware.rules)
  • 2045234 - ET MALWARE Donot Group APT Related Domain in DNS Lookup (pic .onesolution .buzz) (malware.rules)
  • 2045236 - ET MALWARE Donot Group APT Related Domain in DNS Lookup (epiczplus .buzz) (malware.rules)
  • 2045237 - ET MALWARE DNS Query to MageCart Domain (genlytec .us) (malware.rules)
  • 2045238 - ET MALWARE DNS Query to MageCart Domain (pyatiticdigt .shop) (malware.rules)
  • 2045239 - ET MALWARE DNS Query to MageCart Domain (shumtech .shop) (malware.rules)
  • 2045240 - ET MALWARE DNS Query to MageCart Domain (interytec .shop) (malware.rules)
  • 2045241 - ET MALWARE DNS Query to MageCart Domain (stacstocuh .quest) (malware.rules)
  • 2045242 - ET MALWARE DNS Query to MageCart Domain (daichetmob .sbs) (malware.rules)
  • 2045243 - ET MALWARE DNS Query to MageCart Domain (zapolmob .sbs) (malware.rules)
  • 2045248 - ET MALWARE Gamaredon APT Domain in DNS Lookup (decorous .ru) (malware.rules)
  • 2045249 - ET MALWARE Gamaredon APT Domain in DNS Lookup (judicious .ru) (malware.rules)
  • 2045250 - ET MALWARE Gamaredon APT Domain in DNS Lookup (succinct .ru) (malware.rules)
  • 2045251 - ET MALWARE Alloy Taurus APT Related Domain in DNS Lookup (yrhsywu2009 .zapto .org) (malware.rules)
  • 2045253 - ET MALWARE Alloy Taurus APT Related Domain in DNS Lookup (saspecialforces .co .za) (malware.rules)
  • 2045268 - ET MALWARE Ducktail Stealer Related Domain in DNS Lookup (techvibeo .com) (malware.rules)
  • 2045271 - ET MALWARE DNS Query to RokRat Domain (link .b4a .app) (malware.rules)
  • 2045272 - ET MALWARE DNS Query to RokRat Domain (daum-store .com) (malware.rules)
  • 2045273 - ET MALWARE DNS Query to RokRat Domain (docx1 .b4a .app) (malware.rules)
  • 2045274 - ET MALWARE DNS Query to RokRat Domain (nate-download .com) (malware.rules)
  • 2045275 - ET MALWARE DNS Query to RokRat Domain (naver-file .com) (malware.rules)
  • 2045644 - ET MALWARE DNS Query to TA444 Domain (parallaxdigital .online) (malware.rules)
  • 2045645 - ET MALWARE DNS Query to TA444 Domain (myfirmdocument .online) (malware.rules)
  • 2045646 - ET MALWARE DNS Query to TA444 Domain (morganstanleycorp .co .uk) (malware.rules)
  • 2045647 - ET MALWARE DNS Query to TA444 Domain (docs-send .online) (malware.rules)
  • 2045648 - ET MALWARE DNS Query to TA444 Domain (cyberwalletsecurity .online) (malware.rules)
  • 2045649 - ET MALWARE DNS Query to TA444 Domain (drop-box .cloud) (malware.rules)
  • 2045650 - ET MALWARE DNS Query to TA444 Domain (gunosis .global) (malware.rules)
  • 2045651 - ET MALWARE DNS Query to TA444 Domain (altair-vc .info) (malware.rules)
  • 2045652 - ET MALWARE DNS Query to TA444 Domain (cryptyk .webredirect .org) (malware.rules)
  • 2045653 - ET MALWARE DNS Query to TA444 Domain (acuitykp .co) (malware.rules)
  • 2045654 - ET MALWARE DNS Query to TA444 Domain (doc .linkpc .net) (malware.rules)
  • 2045655 - ET MALWARE DNS Query to TA444 Domain (docsend .business) (malware.rules)
  • 2045656 - ET MALWARE DNS Query to TA444 Domain (werfaultserver .com) (malware.rules)
  • 2045662 - ET MALWARE DNS Query to TA444 Domain (cryptyk .online) (malware.rules)
  • 2045663 - ET MALWARE DNS Query to TA444 Domain (forumpatners .com) (malware.rules)
  • 2045664 - ET MALWARE DNS Query to TA444 Domain (autoupdatecheck .work .gd) (malware.rules)
  • 2045665 - ET MALWARE DNS Query to TA444 Domain (docsend-host .cloud) (malware.rules)
  • 2045666 - ET MALWARE DNS Query to TA444 Domain (hyperchaincapital .online) (malware.rules)
  • 2045667 - ET MALWARE DNS Query to TA444 Domain (j-ic .co .in) (malware.rules)
  • 2045668 - ET MALWARE DNS Query to TA444 Domain (docupload .site) (malware.rules)
  • 2045680 - ET MALWARE TA444 Related Domain in DNS Lookup (cryptofundsresearch .com) (malware.rules)
  • 2045681 - ET MALWARE TA444 Related Domain in DNS Lookup (jobdescription .us .com) (malware.rules)
  • 2045682 - ET MALWARE TA444 Related Domain in DNS Lookup (cryptyk .info) (malware.rules)
  • 2045683 - ET MALWARE TA444 Related Domain in DNS Lookup (doc-send .online) (malware.rules)
  • 2045684 - ET MALWARE TA444 Related Domain in DNS Lookup (bdcc .bio) (malware.rules)
  • 2045685 - ET MALWARE TA444 Related Domain in DNS Lookup (contractresearch .blog) (malware.rules)
  • 2045686 - ET MALWARE TA444 Related Domain in DNS Lookup (espcapital .co .in) (malware.rules)
  • 2045687 - ET MALWARE TA444 Related Domain in DNS Lookup (shared-document .cloud) (malware.rules)
  • 2045688 - ET MALWARE TA444 Related Domain in DNS Lookup (javarepo .net) (malware.rules)
  • 2045689 - ET MALWARE TA444 Related Domain in DNS Lookup (contract-research .blog) (malware.rules)
  • 2045690 - ET MALWARE TA444 Related Domain in DNS Lookup (gumi-cryptos .loan) (malware.rules)
  • 2045691 - ET MALWARE TA444 Related Domain in DNS Lookup (doc-send .com) (malware.rules)
  • 2045692 - ET MALWARE TA444 Related Domain in DNS Lookup (smart-contracts .blog) (malware.rules)
  • 2045693 - ET MALWARE TA444 Related Domain in DNS Lookup (verifydocument .online) (malware.rules)
  • 2045695 - ET MALWARE DNS Query to SmokeLoader Domain (potunulit .org) (malware.rules)
  • 2045696 - ET MALWARE DNS Query to Glupteba Domain (geofaps .com) (malware.rules)
  • 2045699 - ET MALWARE DNS Query to Glupteba Domain (beegolang .com) (malware.rules)
  • 2045700 - ET ADWARE_PUP DNS Query to Neoreklami (service-domain .xyz) (adware_pup.rules)
  • 2045701 - ET ADWARE_PUP DNS Query to Neoreklami (check-data .xyz) (adware_pup.rules)
  • 2045702 - ET ADWARE_PUP DNS Query to Neoreklami (vadimmqz .beget .tech) (adware_pup.rules)
  • 2045703 - ET INFO DNS Query to PekkaRat Store Front Domain (pekkarat .com) (info.rules)
  • 2045726 - ET MALWARE DNS Query to Gamaredon Domain (kahotepa .ru) (malware.rules)
  • 2045727 - ET MALWARE DNS Query to Gamaredon Domain (kaziyapa .ru) (malware.rules)
  • 2045728 - ET MALWARE DNS Query to Gamaredon Domain (OpenAsTextStream .zuberipa .ru) (malware.rules)
  • 2045729 - ET MALWARE DNS Query to Gamaredon Domain (80delay .dzhabaripa .ru) (malware.rules)
  • 2045730 - ET MALWARE DNS Query to Gamaredon Domain (71delay .dzhahipa .ru) (malware.rules)
  • 2045731 - ET MALWARE DNS Query to Gamaredon Domain (zaherpa .ru) (malware.rules)
  • 2045732 - ET MALWARE DNS Query to Gamaredon Domain (goruspa .ru) (malware.rules)
  • 2045733 - ET MALWARE DNS Query to Gamaredon Domain (iknatonpa .ru) (malware.rules)
  • 2045734 - ET MALWARE DNS Query to Gamaredon Domain (dzhahipa .ru) (malware.rules)
  • 2045735 - ET MALWARE DNS Query to Gamaredon Domain (dzhabaripa .ru) (malware.rules)
  • 2045736 - ET MALWARE DNS Query to Gamaredon Domain (zuberipa .ru) (malware.rules)
  • 2045772 - ET MALWARE DonotGroup Related Domain in DNS Lookup (lovebirdsshop .club) (malware.rules)
  • 2045795 - ET MALWARE SparkRAT Related Domain in DNS Lookup (gwekekccef .webull .day) (malware.rules)
  • 2045797 - ET MALWARE TA427 Related Domain in DNS Lookup (com-price .space) (malware.rules)
  • 2045798 - ET MALWARE TA427 Related Domain in DNS Lookup (com-www .click) (malware.rules)
  • 2045799 - ET MALWARE TA427 Related Domain in DNS Lookup (com-def .asia) (malware.rules)
  • 2045800 - ET MALWARE TA427 Related Domain in DNS Lookup (com-otp .click) (malware.rules)
  • 2045801 - ET MALWARE TA427 Related Domain in DNS Lookup (de-file .online) (malware.rules)
  • 2045802 - ET MALWARE TA427 Related Domain in DNS Lookup (kr-me .click) (malware.rules)
  • 2045803 - ET MALWARE TA427 Related Domain in DNS Lookup (com-port .space) (malware.rules)
  • 2045804 - ET MALWARE TA427 Related Domain in DNS Lookup (cf-health .click) (malware.rules)
  • 2045805 - ET MALWARE TA427 Related Domain in DNS Lookup (kr-angry .click) (malware.rules)
  • 2045834 - ET MALWARE Observed DNS Query to Gamaredon Domain (mbiziso .ru) (malware.rules)
  • 2045835 - ET MALWARE Observed DNS Query to Gamaredon Domain (kontarso .ru) (malware.rules)
  • 2045836 - ET MALWARE Observed DNS Query to Gamaredon Domain (koseyso .ru) (malware.rules)
  • 2045837 - ET MALWARE Observed DNS Query to Gamaredon Domain (menesso .ru) (malware.rules)
  • 2045838 - ET MALWARE Observed DNS Query to Gamaredon Domain (kuaashiso .ru) (malware.rules)
  • 2045839 - ET MALWARE Observed DNS Query to Gamaredon Domain (lizimbaso .ru) (malware.rules)
  • 2045840 - ET MALWARE Observed DNS Query to Gamaredon Domain (maatso .ru) (malware.rules)
  • 2045842 - ET MALWARE CloudWizard APT Related Domain in DNS Lookup (curveroad .com) (malware.rules)
  • 2045849 - ET MALWARE DNS Query to Cobalt Strike Domain (iconnectgs .com) (malware.rules)
  • 2045850 - ET MALWARE DNS Query to Cobalt Strike Domain (aicsoftware .com) (malware.rules)
  • 2045851 - ET MALWARE DNS Query to IcedID Domain (kicknocisd .com) (malware.rules)
  • 2045852 - ET MALWARE DNS Query to IcedID Domain (guaracheza .pics) (malware.rules)
  • 2045854 - ET MALWARE DNS Query to IcedID Domain (simipimi .com) (malware.rules)
  • 2045856 - ET MALWARE DNS Query to IcedID Domain (stayersa .art) (malware.rules)
  • 2046080 - ET MALWARE Gamaredon Domain in DNS Lookup (havxcq .ru) (malware.rules)
  • 2046081 - ET MALWARE Gamaredon Domain in DNS Lookup (ozaharso .ru) (malware.rules)
  • 2046082 - ET MALWARE Gamaredon Domain in DNS Lookup (okparaso .ru) (malware.rules)
  • 2046083 - ET MALWARE Gamaredon Domain in DNS Lookup (omariso .ru) (malware.rules)
  • 2046084 - ET MALWARE Gamaredon Domain in DNS Lookup (ozirisso .ru) (malware.rules)
  • 2046085 - ET MALWARE Gamaredon Domain in DNS Lookup (remmaoso .ru) (malware.rules)
  • 2046086 - ET MALWARE Gamaredon Domain in DNS Lookup (oddzhiso .ru) (malware.rules)
  • 2046087 - ET MALWARE Gamaredon Domain in DNS Lookup (itoram .ru) (malware.rules)
  • 2046088 - ET MALWARE Gamaredon Domain in DNS Lookup (rvawc .ru) (malware.rules)
  • 2046089 - ET MALWARE Gamaredon Domain in DNS Lookup (gajasx .ru) (malware.rules)
  • 2046090 - ET MALWARE Gamaredon Domain in DNS Lookup (xopekar .ru) (malware.rules)
  • 2046091 - ET MALWARE Gamaredon Domain in DNS Lookup (nalfas .ru) (malware.rules)
  • 2046092 - ET MALWARE Gamaredon Domain in DNS Lookup (blootundicht .ru) (malware.rules)
  • 2046093 - ET MALWARE Gamaredon Domain in DNS Lookup (tulocal .ru) (malware.rules)
  • 2046094 - ET MALWARE Gamaredon Domain in DNS Lookup (boptizol .ru) (malware.rules)
  • 2046095 - ET MALWARE Gamaredon Domain in DNS Lookup (yorisant .ru) (malware.rules)
  • 2046096 - ET MALWARE Gamaredon Domain in DNS Lookup (viratuk .ru) (malware.rules)
  • 2046097 - ET MALWARE Gamaredon Domain in DNS Lookup (reposant .ru) (malware.rules)
  • 2046205 - ET MALWARE Stealth Soldier Backdoor Related Domain in DNS Lookup (filestoragehub .live) (malware.rules)
  • 2046213 - ET MALWARE Gamaredon Domain in DNS Lookup (gawsxc .ru) (malware.rules)
  • 2046214 - ET MALWARE Gamaredon Domain in DNS Lookup (perccottuspi .ru) (malware.rules)
  • 2046215 - ET MALWARE Gamaredon Domain in DNS Lookup (razuiso .ru) (malware.rules)
  • 2046216 - ET MALWARE Gamaredon Domain in DNS Lookup (dzhabrailho .ru) (malware.rules)
  • 2046217 - ET MALWARE Gamaredon Domain in DNS Lookup (tispai .ru) (malware.rules)
  • 2046218 - ET MALWARE Gamaredon Domain in DNS Lookup (reyyfadsf .ru) (malware.rules)
  • 2046219 - ET MALWARE Gamaredon Domain in DNS Lookup (dumerilipi .ru) (malware.rules)
  • 2046220 - ET MALWARE Gamaredon Domain in DNS Lookup (bladefishpi .ru) (malware.rules)
  • 2046221 - ET MALWARE Gamaredon Domain in DNS Lookup (spatulapi .ru) (malware.rules)
  • 2046222 - ET MALWARE Gamaredon Domain in DNS Lookup (gawcq .ru) (malware.rules)
  • 2046223 - ET MALWARE Gamaredon Domain in DNS Lookup (agonepi .ru) (malware.rules)
  • 2046224 - ET MALWARE Gamaredon Domain in DNS Lookup (albacorepi .ru) (malware.rules)
  • 2046263 - ET MALWARE APT-C-36 Related Domain in DNS Lookup (travel-ag .com) (malware.rules)
  • 2046645 - ET MALWARE Gamaredon Domain in DNS Lookup (namibbo .ru) (malware.rules)
  • 2046646 - ET MALWARE Gamaredon Domain in DNS Lookup (kyzylkumbo .ru) (malware.rules)
  • 2046647 - ET MALWARE Gamaredon Domain in DNS Lookup (bukatam .ru) (malware.rules)
  • 2046648 - ET MALWARE Gamaredon Domain in DNS Lookup (negevbo .ru) (malware.rules)
  • 2046649 - ET MALWARE Gamaredon Domain in DNS Lookup (totalav .ru) (malware.rules)
  • 2046650 - ET MALWARE Gamaredon Domain in DNS Lookup (durakam .ru) (malware.rules)
  • 2046651 - ET MALWARE Gamaredon Domain in DNS Lookup (gutarax .ru) (malware.rules)
  • 2046713 - ET MALWARE TA444 Related Domain in DNS Lookup (starbucls .xyz) (malware.rules)
  • 2046717 - ET MALWARE TA444 Related Domain in DNS Lookup (malware.rules)
  • 2046736 - ET MALWARE TA444 Domain in DNS Lookup (cloud .dnx .capital) (malware.rules)
  • 2046737 - ET MALWARE TA444 Domain in DNS Lookup (crypto .hondchain .com) (malware.rules)
  • 2046741 - ET MALWARE Cinoshi Clipper Related Domain in DNS Lookup (tryno .ru) (malware.rules)
  • 2046758 - ET MALWARE Playful Taurus Domain in TLS SNI (update .adboeonline .net) (malware.rules)
  • 2046759 - ET MALWARE Playful Taurus Domain in TLS SNI (mail .indiarailways .net) (malware.rules)
  • 2046790 - ET MALWARE Playful Taurus Domain in TLS SNI (proxy .oracleapps .org) (malware.rules)
  • 2046791 - ET MALWARE DNS Query to UNK_BisonBooster Domain (booster724 .online) (malware.rules)
  • 2046792 - ET MALWARE DNS Query to UNK_BisonBooster Domain (forsports .xyz) (malware.rules)
  • 2046793 - ET MALWARE DNS Query to UNK_BisonBooster Domain (speedup-pc .online) (malware.rules)
  • 2046813 - ET MALWARE RomCom CnC Domain in DNS Lookup (finformservice .com) (malware.rules)
  • 2046814 - ET MALWARE RomCom CnC Domain in DNS Lookup (penofach .com) (malware.rules)
  • 2046815 - ET MALWARE RomCom CnC Domain in DNS Lookup (altimata .org) (malware.rules)
  • 2046816 - ET MALWARE RomCom CnC Domain in DNS Lookup (bentaxworld .com) (malware.rules)
  • 2046817 - ET PHISHING RomCom Phishing Domain in DNS Lookup (ukrainianworldcongress .info) (phishing.rules)
  • 2046822 - ET MALWARE [ANY.RUN] DNS Query to Konni APT Domain (cachecast001 .com) (malware.rules)
  • 2046823 - ET MALWARE [ANY.RUN] DNS Query to Konni APT Domain (elinline .com) (malware.rules)
  • 2046922 - ET MALWARE TraderTraitor CnC Domain in DNS Lookup (launchruse .com) (malware.rules)
  • 2046923 - ET MALWARE TraderTraitor CnC Domain in DNS Lookup (datadog-graph .com) (malware.rules)
  • 2046924 - ET MALWARE TraderTraitor CnC Domain in DNS Lookup (alwaysckain .com) (malware.rules)
  • 2046926 - ET MALWARE TraderTraitor CnC Domain in DNS Lookup (canolagroove .com) (malware.rules)
  • 2046929 - ET MALWARE TraderTraitor CnC Domain in DNS Lookup (primerosauxiliosperu .com) (malware.rules)
  • 2046930 - ET MALWARE TraderTraitor CnC Domain in DNS Lookup (toyourownbeat .com) (malware.rules)
  • 2046931 - ET MALWARE TraderTraitor CnC Domain in DNS Lookup (datadog-cloud .com) (malware.rules)
  • 2046932 - ET MALWARE TraderTraitor CnC Domain in DNS Lookup (centos-repos .org) (malware.rules)
  • 2046933 - ET MALWARE TraderTraitor CnC Domain in DNS Lookup (nomadpkg .com) (malware.rules)
  • 2047063 - ET MALWARE IcedID CnC Domain in DNS Lookup (pireltotus .com) (malware.rules)
  • 2047344 - ET PHISHING TOAD Domain in DNS Lookup (mshelp53 .us) (phishing.rules)
  • 2047345 - ET PHISHING TOAD Domain in DNS Lookup (cashapphelp06 .us) (phishing.rules)
  • 2047346 - ET PHISHING TOAD Domain in DNS Lookup (pcxhelp .us) (phishing.rules)
  • 2047347 - ET PHISHING TOAD Domain in DNS Lookup (hpsupport08 .us) (phishing.rules)
  • 2047348 - ET PHISHING TOAD Domain in DNS Lookup (ppalsecure .us) (phishing.rules)
  • 2047349 - ET PHISHING TOAD Domain in DNS Lookup (cashapphelp011 .us) (phishing.rules)
  • 2047350 - ET PHISHING TOAD Domain in DNS Lookup (mshelp2 .us) (phishing.rules)
  • 2047351 - ET PHISHING TOAD Domain in DNS Lookup (apples9 .us) (phishing.rules)
  • 2047352 - ET PHISHING TOAD Domain in DNS Lookup (cashapphelp101 .us) (phishing.rules)
  • 2047353 - ET PHISHING TOAD Domain in DNS Lookup (mshelp51 .us) (phishing.rules)
  • 2047354 - ET PHISHING TOAD Domain in DNS Lookup (cashapp04 .us) (phishing.rules)
  • 2047355 - ET PHISHING TOAD Domain in DNS Lookup (mshelp03 .us) (phishing.rules)
  • 2047356 - ET PHISHING TOAD Domain in DNS Lookup (help88 .us) (phishing.rules)
  • 2047357 - ET PHISHING TOAD Domain in DNS Lookup (mshelp09 .us) (phishing.rules)
  • 2047361 - ET PHISHING TOAD Domain in DNS Lookup (cashapphelp010 .us) (phishing.rules)
  • 2047362 - ET PHISHING TOAD Domain in DNS Lookup (mshelp01 .us) (phishing.rules)
  • 2047363 - ET PHISHING TOAD Domain in DNS Lookup (cashapp05 .us) (phishing.rules)
  • 2047364 - ET PHISHING TOAD Domain in DNS Lookup (cshelp12 .us) (phishing.rules)
  • 2047365 - ET PHISHING TOAD Domain in DNS Lookup (cashapphelp103 .us) (phishing.rules)
  • 2047366 - ET PHISHING TOAD Domain in DNS Lookup (hpsupport02 .us) (phishing.rules)
  • 2047367 - ET PHISHING TOAD Domain in DNS Lookup (cshelp09 .us) (phishing.rules)
  • 2047368 - ET PHISHING TOAD Domain in DNS Lookup (quickcare .cc) (phishing.rules)
  • 2047369 - ET PHISHING TOAD Domain in DNS Lookup (cashapphelp08 .us) (phishing.rules)
  • 2047370 - ET PHISHING TOAD Domain in DNS Lookup (apples12 .us) (phishing.rules)
  • 2047371 - ET PHISHING TOAD Domain in DNS Lookup (mshelp08 .us) (phishing.rules)
  • 2047372 - ET PHISHING TOAD Domain in DNS Lookup (pcdelta .us) (phishing.rules)
  • 2047373 - ET PHISHING TOAD Domain in DNS Lookup (mshelp14 .us) (phishing.rules)
  • 2047374 - ET PHISHING TOAD Domain in DNS Lookup (cashapphelp05 .us) (phishing.rules)
  • 2047375 - ET PHISHING TOAD Domain in DNS Lookup (help81 .us) (phishing.rules)
  • 2047376 - ET PHISHING TOAD Domain in DNS Lookup (mscare .cc) (phishing.rules)
  • 2047377 - ET PHISHING TOAD Domain in DNS Lookup (pcjet .us) (phishing.rules)
  • 2047378 - ET PHISHING TOAD Domain in DNS Lookup (mshelp05 .us) (phishing.rules)
  • 2047379 - ET PHISHING TOAD Domain in DNS Lookup (hpsupport03 .us) (phishing.rules)
  • 2047380 - ET PHISHING TOAD Domain in DNS Lookup (apples10 .us) (phishing.rules)
  • 2047381 - ET PHISHING TOAD Domain in DNS Lookup (cshelp10 .us) (phishing.rules)
  • 2047382 - ET PHISHING TOAD Domain in DNS Lookup (jcb24 .us) (phishing.rules)
  • 2047383 - ET PHISHING TOAD Domain in DNS Lookup (mshelp02 .us) (phishing.rules)
  • 2047384 - ET PHISHING TOAD Domain in DNS Lookup (support24 .cc) (phishing.rules)
  • 2047385 - ET PHISHING TOAD Domain in DNS Lookup (help87 .us) (phishing.rules)
  • 2047386 - ET PHISHING TOAD Domain in DNS Lookup (apples8 .us) (phishing.rules)
  • 2047387 - ET PHISHING TOAD Domain in DNS Lookup (helpdesk24 .us) (phishing.rules)
  • 2047388 - ET PHISHING TOAD Domain in DNS Lookup (mshelp012 .us) (phishing.rules)
  • 2047389 - ET PHISHING TOAD Domain in DNS Lookup (pccharlie .us) (phishing.rules)
  • 2047390 - ET PHISHING TOAD Domain in DNS Lookup (cashapphelp102 .us) (phishing.rules)
  • 2047391 - ET PHISHING TOAD Domain in DNS Lookup (cshelp03 .us) (phishing.rules)
  • 2047392 - ET PHISHING TOAD Domain in DNS Lookup (apples6 .us) (phishing.rules)
  • 2047393 - ET PHISHING TOAD Domain in DNS Lookup (cshelp01 .us) (phishing.rules)
  • 2047394 - ET PHISHING TOAD Domain in DNS Lookup (cshelp06 .us) (phishing.rules)
  • 2047395 - ET PHISHING TOAD Domain in DNS Lookup (help89 .us) (phishing.rules)
  • 2047396 - ET PHISHING TOAD Domain in DNS Lookup (cashapphelp104 .us) (phishing.rules)
  • 2047397 - ET PHISHING TOAD Domain in DNS Lookup (cshelp08 .us) (phishing.rules)
  • 2047398 - ET PHISHING TOAD Domain in DNS Lookup (hpsupport09 .us) (phishing.rules)
  • 2047399 - ET PHISHING TOAD Domain in DNS Lookup (apples5 .us) (phishing.rules)
  • 2047400 - ET PHISHING TOAD Domain in DNS Lookup (cashapphelp105 .cc) (phishing.rules)
  • 2047401 - ET PHISHING TOAD Domain in DNS Lookup (cashapphelp01 .us) (phishing.rules)
  • 2047402 - ET PHISHING TOAD Domain in DNS Lookup (cashapphelp105 .us) (phishing.rules)
  • 2047403 - ET PHISHING TOAD Domain in DNS Lookup (mshelp8 .us) (phishing.rules)
  • 2047404 - ET PHISHING TOAD Domain in DNS Lookup (hpsupport07 .us) (phishing.rules)
  • 2047405 - ET PHISHING TOAD Domain in DNS Lookup (mshelp3 .us) (phishing.rules)
  • 2047406 - ET PHISHING TOAD Domain in DNS Lookup (apples14 .us) (phishing.rules)
  • 2047407 - ET PHISHING TOAD Domain in DNS Lookup (refundpvt .us) (phishing.rules)
  • 2047408 - ET PHISHING TOAD Domain in DNS Lookup (mshelp010 .us) (phishing.rules)
  • 2047409 - ET PHISHING TOAD Domain in DNS Lookup (mshelp15 .us) (phishing.rules)
  • 2047410 - ET PHISHING TOAD Domain in DNS Lookup (b124 .us) (phishing.rules)
  • 2047411 - ET PHISHING TOAD Domain in DNS Lookup (cashapp02 .us) (phishing.rules)
  • 2047412 - ET PHISHING TOAD Domain in DNS Lookup (securehelp .cc) (phishing.rules)
  • 2047413 - ET PHISHING TOAD Domain in DNS Lookup (mshelp12 .us) (phishing.rules)
  • 2047414 - ET PHISHING TOAD Domain in DNS Lookup (help84 .us) (phishing.rules)
  • 2047415 - ET PHISHING TOAD Domain in DNS Lookup (apples4 .us) (phishing.rules)
  • 2047416 - ET PHISHING TOAD Domain in DNS Lookup (cashapphelp03 .us) (phishing.rules)
  • 2047417 - ET PHISHING TOAD Domain in DNS Lookup (help86 .us) (phishing.rules)
  • 2047418 - ET PHISHING TOAD Domain in DNS Lookup (help90 .us) (phishing.rules)
  • 2047419 - ET PHISHING TOAD Domain in DNS Lookup (apples3 .us) (phishing.rules)
  • 2047420 - ET PHISHING TOAD Domain in DNS Lookup (apples11 .us) (phishing.rules)
  • 2047421 - ET PHISHING TOAD Domain in DNS Lookup (apples1 .us) (phishing.rules)
  • 2047422 - ET PHISHING TOAD Domain in DNS Lookup (cshelp13 .us) (phishing.rules)
  • 2047423 - ET PHISHING TOAD Domain in DNS Lookup (pcecho .us) (phishing.rules)
  • 2047424 - ET PHISHING TOAD Domain in DNS Lookup (nrtnhelp .us) (phishing.rules)
  • 2047425 - ET PHISHING TOAD Domain in DNS Lookup (cashapphelp02 .us) (phishing.rules)
  • 2047426 - ET PHISHING TOAD Domain in DNS Lookup (cshelp14 .us) (phishing.rules)
  • 2047427 - ET PHISHING TOAD Domain in DNS Lookup (apples13 .us) (phishing.rules)
  • 2047428 - ET PHISHING TOAD Domain in DNS Lookup (mshelp5 .us) (phishing.rules)
  • 2047429 - ET PHISHING TOAD Domain in DNS Lookup (pcbravo .us) (phishing.rules)
  • 2047430 - ET PHISHING TOAD Domain in DNS Lookup (mshelp .us) (phishing.rules)
  • 2047431 - ET PHISHING TOAD Domain in DNS Lookup (securenetwork .cc) (phishing.rules)
  • 2047432 - ET PHISHING TOAD Domain in DNS Lookup (mshelp015 .us) (phishing.rules)
  • 2047433 - ET PHISHING TOAD Domain in DNS Lookup (cshelp04 .us) (phishing.rules)
  • 2047434 - ET PHISHING TOAD Domain in DNS Lookup (jivajii .us) (phishing.rules)
  • 2047437 - ET PHISHING TOAD Domain in DNS Lookup (help82 .us) (phishing.rules)
  • 2047438 - ET PHISHING TOAD Domain in DNS Lookup (hpsupport01 .us) (phishing.rules)
  • 2047439 - ET PHISHING TOAD Domain in DNS Lookup (apples15 .us) (phishing.rules)
  • 2047440 - ET PHISHING TOAD Domain in DNS Lookup (mshelp1 .us) (phishing.rules)
  • 2047441 - ET PHISHING TOAD Domain in DNS Lookup (mshelp10 .us) (phishing.rules)
  • 2047442 - ET PHISHING TOAD Domain in DNS Lookup (cshelp05 .us) (phishing.rules)
  • 2047443 - ET PHISHING TOAD Domain in DNS Lookup (ncare360 .us) (phishing.rules)
  • 2047444 - ET PHISHING TOAD Domain in DNS Lookup (cashapp01 .us) (phishing.rules)
  • 2047445 - ET PHISHING TOAD Domain in DNS Lookup (mshelp11 .us) (phishing.rules)
  • 2047446 - ET PHISHING TOAD Domain in DNS Lookup (cashapp03 .us) (phishing.rules)
  • 2047447 - ET PHISHING TOAD Domain in DNS Lookup (hpsupport04 .us) (phishing.rules)
  • 2047448 - ET PHISHING TOAD Domain in DNS Lookup (cshelp11 .us) (phishing.rules)
  • 2047449 - ET PHISHING TOAD Domain in DNS Lookup (cashapphelp04 .us) (phishing.rules)
  • 2047450 - ET PHISHING TOAD Domain in DNS Lookup (cashapphelp07 .us) (phishing.rules)
  • 2047451 - ET PHISHING TOAD Domain in DNS Lookup (live855 .us) (phishing.rules)
  • 2047452 - ET PHISHING TOAD Domain in DNS Lookup (mshelp011 .us) (phishing.rules)
  • 2047453 - ET PHISHING TOAD Domain in DNS Lookup (mshelp4 .us) (phishing.rules)
  • 2047454 - ET PHISHING TOAD Domain in DNS Lookup (hpsupport06 .us) (phishing.rules)
  • 2047455 - ET PHISHING TOAD Domain in DNS Lookup (help83 .us) (phishing.rules)
  • 2047456 - ET PHISHING TOAD Domain in DNS Lookup (help85 .us) (phishing.rules)
  • 2047457 - ET PHISHING TOAD Domain in DNS Lookup (pcindigo .us) (phishing.rules)
  • 2047458 - ET PHISHING TOAD Domain in DNS Lookup (msofthelp .com) (phishing.rules)
  • 2047459 - ET PHISHING TOAD Domain in DNS Lookup (pchorse .us) (phishing.rules)
  • 2047460 - ET PHISHING TOAD Domain in DNS Lookup (mshelp9 .us) (phishing.rules)
  • 2047461 - ET PHISHING TOAD Domain in DNS Lookup (mshelp06 .us) (phishing.rules)
  • 2047462 - ET PHISHING TOAD Domain in DNS Lookup (mshelp07 .us) (phishing.rules)
  • 2047463 - ET PHISHING TOAD Domain in DNS Lookup (a128 .us) (phishing.rules)
  • 2047464 - ET PHISHING TOAD Domain in DNS Lookup (apples7 .us) (phishing.rules)
  • 2047465 - ET PHISHING TOAD Domain in DNS Lookup (mshelp014 .us) (phishing.rules)
  • 2047466 - ET PHISHING TOAD Domain in DNS Lookup (hpsupport05 .us) (phishing.rules)
  • 2047467 - ET PHISHING TOAD Domain in DNS Lookup (pcalpha .us) (phishing.rules)
  • 2047468 - ET PHISHING TOAD Domain in DNS Lookup (cshelp02 .us) (phishing.rules)
  • 2047469 - ET PHISHING TOAD Domain in DNS Lookup (securedhelp .us) (phishing.rules)
  • 2047470 - ET PHISHING TOAD Domain in DNS Lookup (pcfox .us) (phishing.rules)
  • 2047471 - ET PHISHING TOAD Domain in DNS Lookup (mshelp7 .us) (phishing.rules)
  • 2047472 - ET PHISHING TOAD Domain in DNS Lookup (cshelp07 .us) (phishing.rules)
  • 2047473 - ET PHISHING TOAD Domain in DNS Lookup (cashapp06 .us) (phishing.rules)
  • 2047474 - ET PHISHING TOAD Domain in DNS Lookup (cashapphelp012 .us) (phishing.rules)
  • 2047475 - ET PHISHING TOAD Domain in DNS Lookup (supportlife .us) (phishing.rules)
  • 2047476 - ET PHISHING TOAD Domain in DNS Lookup (apples2 .us) (phishing.rules)
  • 2047477 - ET PHISHING TOAD Domain in DNS Lookup (mshelp04 .us) (phishing.rules)
  • 2047478 - ET PHISHING TOAD Domain in DNS Lookup (gshelp .us) (phishing.rules)
  • 2047679 - ET MALWARE Python Stealer/Clipper Related Domain in DNS Lookup (kekwltd .ru) (malware.rules)
  • 2047906 - ET MALWARE TA444 CnC Domain in DNS Lookup (datasend .fun) (malware.rules)
  • 2047907 - ET MALWARE TA444 CnC Domain in DNS Lookup (cryptowave .capital) (malware.rules)
  • 2047908 - ET MALWARE TA444 CnC Domain in DNS Lookup (trustmeeting .online) (malware.rules)
  • 2047909 - ET MALWARE TA444 CnC Domain in DNS Lookup (ubi-safemeeting .online) (malware.rules)
  • 2047910 - ET MALWARE TA444 CnC Domain in DNS Lookup (video-meet .xyz) (malware.rules)
  • 2047995 - ET MALWARE DNS Query to TA444 Domain (updatecheck .store) (malware.rules)
  • 2047996 - ET MALWARE DNS Query to TA444 Domain (updatecheck .site) (malware.rules)
  • 2047997 - ET MALWARE DNS Query to TA444 Domain (antiviruscheck .store) (malware.rules)
  • 2047999 - ET MALWARE DNS Query to TA444 Domain (antifirmware .store) (malware.rules)
  • 2048000 - ET MALWARE DNS Query to TA444 Domain (alwayswait .site) (malware.rules)
  • 2048001 - ET MALWARE DNS Query to TA444 Domain (unbelievableresult .site) (malware.rules)
  • 2048002 - ET MALWARE DNS Query to TA444 Domain (antiviruscheck .site) (malware.rules)
  • 2048003 - ET MALWARE DNS Query to TA444 Domain (remoteproweb .cfd) (malware.rules)
  • 2048004 - ET MALWARE DNS Query to TA444 Domain (auditprovidre .store) (malware.rules)
  • 2048005 - ET MALWARE DNS Query to TA444 Domain (alwayswait .online) (malware.rules)
  • 2048008 - ET MALWARE DNS Query to TA444 Domain (auditprovidre .online) (malware.rules)
  • 2048009 - ET MALWARE DNS Query to TA444 Domain (unbelievableresult .store) (malware.rules)
  • 2048011 - ET MALWARE DNS Query to TA444 Domain (newcoming .cfd) (malware.rules)
  • 2048012 - ET MALWARE DNS Query to TA444 Domain (systemupdate .store) (malware.rules)
  • 2048013 - ET MALWARE DNS Query to TA444 Domain (antifirmware .online) (malware.rules)
  • 2048101 - ET MALWARE Atomic MacOS Stealer CnC Domain in DNS Lookup (maybe .host) (malware.rules)
  • 2048144 - ET PHISHING DNS Query to TOAD Domain (eshopper .top) (phishing.rules)
  • 2048147 - ET PHISHING TOAD Domain in DNS Lookup (athelp .live) (phishing.rules)
  • 2048148 - ET PHISHING TOAD Domain in DNS Lookup (login .pcsystem247 .cc) (phishing.rules)
  • 2048149 - ET PHISHING TOAD Domain in DNS Lookup (jxhelp .cc) (phishing.rules)
  • 2048150 - ET PHISHING TOAD Domain in DNS Lookup (mghelp .live) (phishing.rules)
  • 2048151 - ET PHISHING TOAD Domain in DNS Lookup (wdhelp .us) (phishing.rules)
  • 2048152 - ET PHISHING TOAD Domain in DNS Lookup (support7 .cc) (phishing.rules)
  • 2048153 - ET PHISHING TOAD Domain in DNS Lookup (wdhelp .live) (phishing.rules)
  • 2048154 - ET PHISHING TOAD Domain in DNS Lookup (mta-sts .gub .bio) (phishing.rules)
  • 2048155 - ET PHISHING TOAD Domain in DNS Lookup (kbhelp .info) (phishing.rules)
  • 2048156 - ET PHISHING TOAD Domain in DNS Lookup (axhelp .live) (phishing.rules)
  • 2048157 - ET PHISHING TOAD Domain in DNS Lookup (helpsystem .cc) (phishing.rules)
  • 2048158 - ET PHISHING TOAD Domain in DNS Lookup (mail .retfaqboos .site) (phishing.rules)
  • 2048159 - ET PHISHING TOAD Domain in DNS Lookup (gbhelp .live) (phishing.rules)
  • 2048160 - ET PHISHING TOAD Domain in DNS Lookup (gbhelp .cc) (phishing.rules)
  • 2048161 - ET PHISHING TOAD Domain in DNS Lookup (gchelp .info) (phishing.rules)
  • 2048162 - ET PHISHING TOAD Domain in DNS Lookup (jxhelp .us) (phishing.rules)
  • 2048163 - ET PHISHING TOAD Domain in DNS Lookup (cxhelp .us) (phishing.rules)
  • 2048164 - ET PHISHING TOAD Domain in DNS Lookup (retfaqboos .site) (phishing.rules)
  • 2048165 - ET PHISHING TOAD Domain in DNS Lookup (mail .mrree .gub .bio) (phishing.rules)
  • 2048166 - ET PHISHING TOAD Domain in DNS Lookup (dfhelp .cc) (phishing.rules)
  • 2048167 - ET PHISHING TOAD Domain in DNS Lookup (pcsystem247 .cc) (phishing.rules)
  • 2048168 - ET PHISHING TOAD Domain in DNS Lookup (pxhelp .us) (phishing.rules)
  • 2048169 - ET PHISHING TOAD Domain in DNS Lookup (amz34 .us) (phishing.rules)
  • 2048170 - ET PHISHING TOAD Domain in DNS Lookup (emv1 .gub .bio) (phishing.rules)
  • 2048171 - ET PHISHING TOAD Domain in DNS Lookup (mchelp .cc) (phishing.rules)
  • 2048172 - ET PHISHING TOAD Domain in DNS Lookup (login .helpsystem .cc) (phishing.rules)
  • 2048173 - ET PHISHING TOAD Domain in DNS Lookup (jxhelp .info) (phishing.rules)
  • 2048174 - ET PHISHING TOAD Domain in DNS Lookup (33 .gub .bio) (phishing.rules)
  • 2048175 - ET PHISHING TOAD Domain in DNS Lookup (dbhelp .info) (phishing.rules)
  • 2048176 - ET PHISHING TOAD Domain in DNS Lookup (gub .bio) (phishing.rules)
  • 2048177 - ET PHISHING TOAD Domain in DNS Lookup (lbhelp .us) (phishing.rules)
  • 2048178 - ET PHISHING TOAD Domain in DNS Lookup (mshelp58 .us) (phishing.rules)
  • 2048179 - ET PHISHING TOAD Domain in DNS Lookup (cashapphelp19 .us) (phishing.rules)
  • 2048231 - ET PHISHING TOAD Domain in DNS Lookup (gxcare .cc) (phishing.rules)
  • 2048232 - ET PHISHING TOAD Domain in DNS Lookup (tenty247 .top) (phishing.rules)
  • 2048329 - ET EXPLOIT_KIT ScamClub Domain in DNS Lookup (Waytopmobirtb .com) (exploit_kit.rules)
  • 2048330 - ET EXPLOIT_KIT ScamClub Domain in DNS Lookup (Wstatkblsenmb1234 .top) (exploit_kit.rules)
  • 2048331 - ET EXPLOIT_KIT ScamClub Domain in DNS Lookup (waytopmobi .com) (exploit_kit.rules)
  • 2048332 - ET EXPLOIT_KIT ScamClub Domain in DNS Lookup (tetstwitn12 .xyz) (exploit_kit.rules)
  • 2048333 - ET EXPLOIT_KIT ScamClub Domain in DNS Lookup (Apsbvl .space) (exploit_kit.rules)
  • 2048334 - ET EXPLOIT_KIT ScamClub Domain in DNS Lookup (Bhgusz .space) (exploit_kit.rules)
  • 2048335 - ET EXPLOIT_KIT ScamClub Domain in DNS Lookup (axufcs .space) (exploit_kit.rules)
  • 2048336 - ET EXPLOIT_KIT ScamClub Domain in DNS Lookup (Luckypapa .top) (exploit_kit.rules)
  • 2048337 - ET EXPLOIT_KIT ScamClub Domain in DNS Lookup (Namecheap Inc .) (exploit_kit.rules)
  • 2048338 - ET EXPLOIT_KIT ScamClub Domain in DNS Lookup (Luckypuppy .top) (exploit_kit.rules)
  • 2048339 - ET EXPLOIT_KIT ScamClub Domain in DNS Lookup (Namecheap Inc .) (exploit_kit.rules)
  • 2048340 - ET EXPLOIT_KIT ScamClub Domain in DNS Lookup (bbd383ttka21 .top) (exploit_kit.rules)
  • 2048341 - ET EXPLOIT_KIT ScamClub Domain in DNS Lookup (21bustqisw2 .top) (exploit_kit.rules)
  • 2048342 - ET EXPLOIT_KIT ScamClub Domain in DNS Lookup (2022325luckyday .top) (exploit_kit.rules)
  • 2048343 - ET EXPLOIT_KIT ScamClub Domain in TLS SNI (Waytopmobirtb .com) (exploit_kit.rules)
  • 2048344 - ET EXPLOIT_KIT ScamClub Domain in TLS SNI (Wstatkblsenmb1234 .top) (exploit_kit.rules)
  • 2048345 - ET EXPLOIT_KIT ScamClub Domain in TLS SNI (waytopmobi .com) (exploit_kit.rules)
  • 2048346 - ET EXPLOIT_KIT ScamClub Domain in TLS SNI (tetstwitn12 .xyz) (exploit_kit.rules)
  • 2048347 - ET EXPLOIT_KIT ScamClub Domain in TLS SNI (Apsbvl .space) (exploit_kit.rules)
  • 2048348 - ET EXPLOIT_KIT ScamClub Domain in TLS SNI (Bhgusz .space) (exploit_kit.rules)
  • 2048349 - ET EXPLOIT_KIT ScamClub Domain in TLS SNI (axufcs .space) (exploit_kit.rules)
  • 2048350 - ET EXPLOIT_KIT ScamClub Domain in TLS SNI (Luckypapa .top) (exploit_kit.rules)
  • 2048351 - ET EXPLOIT_KIT ScamClub Domain in TLS SNI (Namecheap Inc .) (exploit_kit.rules)
  • 2048352 - ET EXPLOIT_KIT ScamClub Domain in TLS SNI (Luckypuppy .top) (exploit_kit.rules)
  • 2048353 - ET EXPLOIT_KIT ScamClub Domain in TLS SNI (Namecheap Inc .) (exploit_kit.rules)
  • 2048354 - ET EXPLOIT_KIT ScamClub Domain in TLS SNI (bbd383ttka21 .top) (exploit_kit.rules)
  • 2048355 - ET EXPLOIT_KIT ScamClub Domain in TLS SNI (21bustqisw2 .top) (exploit_kit.rules)
  • 2048356 - ET EXPLOIT_KIT ScamClub Domain in TLS SNI (2022325luckyday .top) (exploit_kit.rules)
  • 2048763 - ET PHISHING DNS Query to TOAD Domain (bshelp .us) (phishing.rules)
  • 2048764 - ET PHISHING DNS Query to TOAD Domain (b2care .cc) (phishing.rules)
  • 2048765 - ET PHISHING DNS Query to TOAD Domain (cshelp03 .us) (phishing.rules)
  • 2048766 - ET PHISHING DNS Query to TOAD Domain (r2care .cc) (phishing.rules)
  • 2048767 - ET PHISHING DNS Query to TOAD Domain (bghelp .us) (phishing.rules)
  • 2048768 - ET PHISHING DNS Query to TOAD Domain (r2care .us) (phishing.rules)
  • 2048769 - ET PHISHING DNS Query to TOAD Domain (dfhelp .live) (phishing.rules)
  • 2048770 - ET PHISHING DNS Query to TOAD Domain (hshelp .live) (phishing.rules)
  • 2048771 - ET PHISHING DNS Query to TOAD Domain (j2care .cc) (phishing.rules)
  • 2048772 - ET PHISHING DNS Query to TOAD Domain (hscare .cc) (phishing.rules)
  • 2048773 - ET PHISHING DNS Query to TOAD Domain (i2care .us) (phishing.rules)
  • 2048774 - ET PHISHING DNS Query to TOAD Domain (hshelp .info) (phishing.rules)
  • 2048775 - ET PHISHING DNS Query to TOAD Domain (bgcare .info) (phishing.rules)
  • 2048776 - ET PHISHING DNS Query to TOAD Domain (bgcare .us) (phishing.rules)
  • 2048777 - ET PHISHING DNS Query to TOAD Domain (a2help .us) (phishing.rules)
  • 2048778 - ET PHISHING DNS Query to TOAD Domain (bshelp .support) (phishing.rules)
  • 2048779 - ET PHISHING DNS Query to TOAD Domain (bscare .help) (phishing.rules)
  • 2048780 - ET PHISHING DNS Query to TOAD Domain (c2care .cc) (phishing.rules)
  • 2048781 - ET PHISHING DNS Query to TOAD Domain (hscare .info) (phishing.rules)
  • 2048782 - ET PHISHING DNS Query to TOAD Domain (hscare .live) (phishing.rules)
  • 2048783 - ET PHISHING DNS Query to TOAD Domain (brhelp .live) (phishing.rules)
  • 2048784 - ET PHISHING DNS Query to TOAD Domain (bscare .cc) (phishing.rules)
  • 2048785 - ET PHISHING DNS Query to TOAD Domain (cancel247 .info) (phishing.rules)
  • 2048786 - ET PHISHING DNS Query to TOAD Domain (m2care .cc) (phishing.rules)
  • 2048787 - ET PHISHING DNS Query to TOAD Domain (aphelp .us) (phishing.rules)
  • 2048788 - ET PHISHING DNS Query to TOAD Domain (d2care .cc) (phishing.rules)
  • 2048789 - ET PHISHING DNS Query to TOAD Domain (g2care .us) (phishing.rules)
  • 2048790 - ET PHISHING DNS Query to TOAD Domain (bgcare .live) (phishing.rules)
  • 2048791 - ET PHISHING DNS Query to TOAD Domain (j2care .us) (phishing.rules)
  • 2048792 - ET PHISHING DNS Query to TOAD Domain (bshelp .info) (phishing.rules)
  • 2048793 - ET PHISHING DNS Query to TOAD Domain (n2care .us) (phishing.rules)
  • 2048794 - ET PHISHING DNS Query to TOAD Domain (nxhelp .live) (phishing.rules)
  • 2048795 - ET PHISHING DNS Query to TOAD Domain (bghelp .online) (phishing.rules)
  • 2048797 - ET PHISHING DNS Query to TOAD Domain (hscare .online) (phishing.rules)
  • 2048798 - ET PHISHING DNS Query to TOAD Domain (kelbyonel .nl) (phishing.rules)
  • 2048799 - ET PHISHING DNS Query to TOAD Domain (m2care .us) (phishing.rules)
  • 2048800 - ET PHISHING DNS Query to TOAD Domain (hshelp .online) (phishing.rules)
  • 2048801 - ET PHISHING DNS Query to TOAD Domain (bscare .info) (phishing.rules)
  • 2048802 - ET PHISHING DNS Query to TOAD Domain (hshelp .us) (phishing.rules)
  • 2048803 - ET PHISHING DNS Query to TOAD Domain (hscare .us) (phishing.rules)
  • 2048804 - ET PHISHING DNS Query to TOAD Domain (h2care .cc) (phishing.rules)
  • 2048805 - ET PHISHING DNS Query to TOAD Domain (b2care .us) (phishing.rules)
  • 2048806 - ET PHISHING DNS Query to TOAD Domain (bscare .live) (phishing.rules)
  • 2048807 - ET PHISHING DNS Query to TOAD Domain (bshelp .live) (phishing.rules)
  • 2048808 - ET PHISHING DNS Query to TOAD Domain (suvfix .us) (phishing.rules)
  • 2048809 - ET PHISHING DNS Query to TOAD Domain (axhelp .us) (phishing.rules)
  • 2048810 - ET PHISHING DNS Query to TOAD Domain (g2care .cc) (phishing.rules)
  • 2048811 - ET PHISHING DNS Query to TOAD Domain (a2care .cc) (phishing.rules)
  • 2048812 - ET PHISHING DNS Query to TOAD Domain (i2care .cc) (phishing.rules)
  • 2048813 - ET PHISHING DNS Query to TOAD Domain (mshelp09 .live) (phishing.rules)
  • 2048814 - ET PHISHING DNS Query to TOAD Domain (n2care .cc) (phishing.rules)
  • 2048815 - ET PHISHING DNS Query to TOAD Domain (cashapphelp2 .us) (phishing.rules)
  • 2048816 - ET PHISHING DNS Query to TOAD Domain (bscare .us) (phishing.rules)
  • 2048817 - ET PHISHING DNS Query to TOAD Domain (hshelp .cc) (phishing.rules)
  • 2048818 - ET PHISHING DNS Query to TOAD Domain (a2care .us) (phishing.rules)
  • 2048819 - ET PHISHING DNS Query to TOAD Domain (bghelp .live) (phishing.rules)
  • 2048820 - ET PHISHING DNS Query to TOAD Domain (bgcare .cc) (phishing.rules)
  • 2048821 - ET PHISHING DNS Query to TOAD Domain (h2care .us) (phishing.rules)
  • 2048822 - ET PHISHING DNS Query to TOAD Domain (bgcare .help) (phishing.rules)
  • 2048823 - ET PHISHING DNS Query to TOAD Domain (bghelp .cc) (phishing.rules)
  • 2048824 - ET PHISHING DNS Query to TOAD Domain (bgcare .online) (phishing.rules)
  • 2048825 - ET PHISHING DNS Query to TOAD Domain (q2care .us) (phishing.rules)
  • 2048826 - ET PHISHING DNS Query to TOAD Domain (d2care .us) (phishing.rules)
  • 2048827 - ET PHISHING DNS Query to TOAD Domain (c2care .us) (phishing.rules)
  • 2049064 - ET MALWARE DNS Query to IcedID Domain (asleytomafa .com) (malware.rules)
  • 2049067 - ET MALWARE DNS Query to IcedID Domain (grafielucho .com) (malware.rules)
  • 2049104 - ET MALWARE Lazarus CnC Domain in DNS Lookup (online-meeting .team) (malware.rules)
  • 2049105 - ET MALWARE Lazarus CnC Domain in DNS Lookup (team-meet .online) (malware.rules)
  • 2049106 - ET MALWARE Lazarus CnC Domain in DNS Lookup (safemeeting .online) (malware.rules)
  • 2049107 - ET MALWARE Lazarus CnC Domain in DNS Lookup (videomeethub .online) (malware.rules)
  • 2049172 - ET MALWARE DNS Query to Remcos Domain (retghrtgwtrgtg .bounceme .net) (malware.rules)
  • 2049173 - ET MALWARE DNS Query to Remcos Domain (listpoints .online) (malware.rules)
  • 2049174 - ET MALWARE DNS Query to Remcos Domain (listpoints .click) (malware.rules)
  • 2049743 - ET MALWARE DNS Query to UAC-0177 Domain (ssl2 .in) (malware.rules)
  • 2049744 - ET MALWARE DNS Query to UAC-0177 Domain (ssl4 .site) (malware.rules)
  • 2049745 - ET MALWARE DNS Query to UAC-0177 Domain (getssl .ink) (malware.rules)
  • 2049746 - ET MALWARE DNS Query to UAC-0177 Domain (personlog .in) (malware.rules)
  • 2049748 - ET MALWARE DNS Query to UAC-0177 Domain (authssl .online) (malware.rules)
  • 2049749 - ET MALWARE DNS Query to UAC-0177 Domain (ssl1 .site) (malware.rules)
  • 2049750 - ET MALWARE DNS Query to UAC-0177 Domain (hsts .online) (malware.rules)
  • 2049751 - ET MALWARE DNS Query to UAC-0177 Domain (authssl .in) (malware.rules)
  • 2049752 - ET MALWARE DNS Query to UAC-0177 Domain (ssl2 .online) (malware.rules)
  • 2049754 - ET MALWARE DNS Query to UAC-0177 Domain (goaccount .link) (malware.rules)
  • 2049755 - ET MALWARE DNS Query to UAC-0177 Domain (ssl2 .site) (malware.rules)
  • 2049756 - ET MALWARE DNS Query to UAC-0177 Domain (ssl1 .online) (malware.rules)
  • 2049758 - ET MALWARE DNS Query to UAC-0177 Domain (certifiedauth .in) (malware.rules)
  • 2049759 - ET MALWARE DNS Query to UAC-0177 Domain (authssl .link) (malware.rules)
  • 2049760 - ET MALWARE DNS Query to UAC-0177 Domain (connectssl .in) (malware.rules)
  • 2049761 - ET MALWARE DNS Query to UAC-0177 Domain (getssl .click) (malware.rules)
  • 2049762 - ET MALWARE DNS Query to UAC-0177 Domain (ssl3 .site) (malware.rules)
  • 2049763 - ET MALWARE DNS Query to UAC-0177 Domain (ssl3 .online) (malware.rules)
  • 2049764 - ET MALWARE DNS Query to UAC-0177 Domain (exmo .day) (malware.rules)
  • 2049765 - ET MALWARE DNS Query to UAC-0177 Domain (authcheck .in) (malware.rules)
  • 2049766 - ET MALWARE DNS Query to UAC-0177 Domain (ssl4 .online) (malware.rules)
  • 2049767 - ET MALWARE DNS Query to UAC-0177 Domain (authssl .org) (malware.rules)
  • 2853034 - ETPRO MALWARE Observed DNS Query to AsyncRAT Domain (malware.rules)
  • 2853035 - ETPRO MALWARE Observed DNS Query to AsyncRAT Domain (malware.rules)
  • 2853299 - ETPRO MALWARE IcedID CnC Domain in DNS Lookup (malware.rules)
  • 2853772 - ETPRO MALWARE Observed DNS Query to TA444 Domain (malware.rules)
  • 2853773 - ETPRO MALWARE Observed DNS Query to TA444 Domain (malware.rules)
  • 2853774 - ETPRO MALWARE Observed DNS Query to TA444 Domain (malware.rules)
  • 2853775 - ETPRO MALWARE Observed DNS Query to TA444 Domain (malware.rules)
  • 2853776 - ETPRO MALWARE Observed DNS Query to TA444 Domain (malware.rules)
  • 2853777 - ETPRO MALWARE Observed DNS Query to TA444 Domain (malware.rules)
  • 2853778 - ETPRO MALWARE Observed DNS Query to TA444 Domain (malware.rules)
  • 2853779 - ETPRO MALWARE Observed DNS Query to TA444 Domain (malware.rules)
  • 2853781 - ETPRO MALWARE Observed DNS Query to TA444 Domain (malware.rules)
  • 2853784 - ETPRO MALWARE Observed DNS Query to TA444 Domain (malware.rules)
  • 2853798 - ETPRO MALWARE Observed DNS Query to TA444 Domain (malware.rules)
  • 2853799 - ETPRO MALWARE Observed DNS Query to TA444 Domain (malware.rules)
  • 2853800 - ETPRO MALWARE Observed DNS Query to TA444 Domain (malware.rules)
  • 2854119 - ETPRO MALWARE Observed DNS Query to CrDatLoader Domain (malware.rules)
  • 2854120 - ETPRO MALWARE Observed DNS Query to CrDatLoader Domain (malware.rules)
  • 2854121 - ETPRO MALWARE Observed DNS Query to CrDatLoader Domain (malware.rules)
  • 2854244 - ETPRO MALWARE Observed DNS Query to AgentTesla Domain (malware.rules)
  • 2854489 - ETPRO INFO MS Teams URL Shortening Service Domain in DNS Lookup (info.rules)
  • 2854532 - ETPRO PHISHING Phishing Domain in DNS Lookup (2023-06-09) (phishing.rules)
  • 2854534 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854535 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854536 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854537 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854538 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854539 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854540 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854541 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854542 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854543 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854544 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854545 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854546 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854547 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854548 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854549 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854550 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854551 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854552 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854553 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854554 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854555 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854556 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854557 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854558 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854559 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854560 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854561 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854562 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854563 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854564 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854565 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854566 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854567 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854568 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854569 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854570 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854571 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854572 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854573 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854574 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854575 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854576 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854577 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854578 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854579 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854580 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854581 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854582 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854583 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854584 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854585 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854586 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854587 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854588 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854589 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854590 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854591 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854592 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854593 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854598 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854599 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854600 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854601 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854602 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854603 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854604 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854605 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854606 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854607 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854608 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854609 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854610 - ETPRO PHISHING DNS Query to Call Center Scam Domain (2023-06-12) (phishing.rules)
  • 2854780 - ETPRO PHISHING Phishing Domain in DNS Lookup (phishing.rules)
  • 2855033 - ETPRO MALWARE Observed Phishing Domain in TLS SNI (malware.rules)
  • 2855185 - ETPRO CURRENT_EVENTS Commonly Abused Domain Domain in DNS Lookup (current_events.rules)
  • 2855186 - ETPRO CURRENT_EVENTS Observed Commonly Abused Domain in TLS SNI (current_events.rules)
  • 2855316 - ETPRO PHISHING TOAD Domain in DNS Lookup (phishing.rules)
  • 2855317 - ETPRO PHISHING Observed TOAD Domain in TLS SNI (phishing.rules)
  • 2855533 - ETPRO MALWARE LockBit Domain in DNS Lookup (malware.rules)
  • 2855534 - ETPRO MALWARE Observed LockBit Domain in TLS SNI (malware.rules)
  • 2855541 - ETPRO PHISHING Observed TOAD Domain in TLS SNI (phishing.rules)
  • 2855546 - ETPRO MALWARE DNS Query to Remcos Domain (malware.rules)
  • 2855547 - ETPRO MALWARE Observed Remcos Domain in TLS SNI (malware.rules)