Sonicwall Signatures
Go to
All Categories
list.
FireEye RUBEUS nonce 2 IOC UDP
Category:
BACKDOOR
Network detection rule that looks for specific response body content and HTTP server headers specified within Cobalt Strike malleable C2 profile. This is used as an attempt to blend in and provide a resemblance of legitimate network communications.
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0218
© SonicWall 2020 |
Privacy Policy
|
Conditions for use
Version: 10.0
