SonicALERT

SonicWall Signatures

 



  FireEye RUBEUS nonce 2 IOC TCP

Category: BACKDOOR      

Network detection rule that looks for specific response body content defined in a Cobalt Strike malleable C2 profile. This content is used in an attempt to blend in and lend legitimacy to the malware's C2 communications.

References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1134


Relevant Information