Weekly Detection Rule (YARA and Snort) Information – Week 5, August 2024
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 |
Common Information
| Type | Value |
|---|---|
| UUID | 8be008fa-63c4-451d-8b0e-1fb4057eb217 |
| Fingerprint | ddf599c669c999c6 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Aug. 28, 2024, midnight |
| Added to db | Aug. 31, 2024, 12:08 a.m. |
| Last updated | Nov. 17, 2024, 11:40 p.m. |
| Headline | Weekly Detection Rule (YARA and Snort) Information – Week 5, August 2024 |
| Title | Weekly Detection Rule (YARA and Snort) Information – Week 5, August 2024 |
| Detected Hints/Tags/Attributes | 24/2/12 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://asec.ahnlab.com/en/82678/ |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 17 | ✔ | ASEC | https://asec.ahnlab.com/en/feed/ | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 4128 | github.com |
|
| Details | Domain | 6 | id.me |
|
| Details | Domain | 27 | rules.emergingthreatspro.com |
|
| Details | File | 1 | e225857.exe |
|
| Details | File | 10 | get-datainfo.ps1 |
|
| Details | File | 2 | socks32.exe |
|
| Details | File | 3 | qwe.exe |
|
| Details | Github username | 20 | t4d |
|
| Details | Github username | 19 | the-dfir-report |
|
| Details | Url | 20 | https://github.com/t4d/phishingkit-yara-rules |
|
| Details | Url | 5 | https://github.com/the-dfir-report/yara-rules |
|
| Details | Url | 24 | https://rules.emergingthreatspro.com/open |