Home/Network IDS rules
IDS / IPS

Network IDS rules

279 rules · linked to T1486 · Snort / Suricata signatures
Network intrusion-detection signatures from open rulesets (ET Open, Snort Community, abuse.ch). These match malicious traffic patterns on the wire. Expand a rule to view its source link.

Rules

50 shown of 279
et-open trojan-activity
ET MALWARE Locky Ransomware Renaming File via SMB
sid 2023147 format suricata
et-open trojan-activity
ET MALWARE Locky Ransomware Writing Instructions via SMB
sid 2023148 format suricata
et-open trojan-activity
ET MALWARE Zlader Ransomware Worm Propagating Over SMB v1 ASCII
sid 2023149 format suricata
et-open command-and-control
ET MALWARE Nuke Ransomware Checkin
sid 2023335 format suricata
et-open command-and-control
ET MALWARE Win32/CryPy Ransomware CnC Checkin
sid 2023345 format suricata
et-open trojan-activity
ET MALWARE Win32/CryPy Ransomware Encrypting File
sid 2023346 format suricata
et-open command-and-control
ET MALWARE Win32/CryptFile2 Ransomware Checkin M2
sid 2023397 format suricata
et-open trojan-activity
ET MALWARE Ransomware/Cerber Onion Domain Lookup
sid 2023425 format suricata
et-open trojan-activity
ET MALWARE Ransomware/Cerber Onion Domain Lookup
sid 2023426 format suricata
et-open trojan-activity
ET MALWARE Ransomware/Cerber Onion Domain Lookup
sid 2023427 format suricata
et-open trojan-activity
ET MALWARE Ransomware/Cerber Onion Domain Lookup
sid 2023428 format suricata
et-open command-and-control
ET MALWARE Win32/Jackpot Ransomware CnC Checkin
sid 2023465 format suricata
et-open command-and-control
ET MALWARE MSIL/HadesLocker Ransomware Checkin
sid 2023481 format suricata
et-open command-and-control
ET MALWARE CerberTear Ransomware CnC Checkin
sid 2023505 format suricata
et-open command-and-control
ET MALWARE MSIL/Alcatrez Locker Ransomware CnC Checkin
sid 2023506 format suricata
et-open command-and-control
ET MALWARE CryptoLuck / YafunnLocker Ransomware CnC Checkin
sid 2023533 format suricata
et-open command-and-control
ET MALWARE Win32/CHIP Ransomware CnC Checkin
sid 2023534 format suricata
et-open trojan-activity
ET MALWARE ABUSE.CH Ransomware/Cerber Onion Domain Lookup
sid 2023579 format suricata
et-open trojan-activity
ET MALWARE ABUSE.CH Ransomware/Cerber Onion Domain Lookup
sid 2023580 format suricata
et-open trojan-activity
ET MALWARE ABUSE.CH Ransomware/Cerber Onion Domain Lookup
sid 2023581 format suricata
et-open trojan-activity
ET MALWARE ABUSE.CH Ransomware/Cerber Onion Domain Lookup
sid 2023582 format suricata
et-open command-and-control
ET MALWARE Win32/Braincrypt Ransomware CnC Checkin
sid 2023675 format suricata
et-open trojan-activity
ET MALWARE Ransomware/Cerber Onion Domain Lookup
sid 2023690 format suricata
et-open command-and-control
ET MALWARE MRCR1 Ransomware Checkin M1
sid 2023691 format suricata
et-open command-and-control
ET MALWARE MRCR1 Ransomware Checkin M2
sid 2023692 format suricata
et-open trojan-activity
ET MALWARE Spora Ransomware DNS Query
sid 2023728 format suricata
et-open trojan-activity
ET MALWARE Evil JS Ransomware
sid 2023747 format suricata
et-open command-and-control
ET MALWARE Sage Ransomware Checkin Primer
sid 2023766 format suricata
et-open command-and-control
ET MALWARE Sage Ransomware Checkin
sid 2023767 format suricata
et-open command-and-control
ET MALWARE CryptoShield Ransomware Checkin
sid 2023814 format suricata
et-open trojan-activity
ET MALWARE Spora Ransomware DNS Query
sid 2023887 format suricata
et-open command-and-control
ET MALWARE Spora Ransomware Checkin
sid 2024041 format suricata
et-open trojan-activity
ET MALWARE Spora Ransomware SSL Certificate Detected
sid 2024043 format suricata
et-open command-and-control
ET MALWARE Win32/CryptFile2 / Revenge Ransomware Checkin M3
sid 2024056 format suricata
et-open trojan-activity
ET MALWARE ABUSE.CH Ransomware/Cerber Onion Domain Lookup
sid 2024104 format suricata
et-open trojan-activity
ET MALWARE Win32/Teslacrypt Ransomware .onion domain (2kjb7.net)
sid 2024105 format suricata
et-open trojan-activity
ET MALWARE Win32/Teslacrypt Ransomware .onion domain (7tno4hib47vlep5o)
sid 2024106 format suricata
et-open trojan-activity
ET MALWARE Ransomware CrypMIC Payment Onion Domain
sid 2024118 format suricata
et-open trojan-activity
ET MALWARE Ransomware CrypMIC Payment Onion Domain
sid 2024119 format suricata
et-open command-and-control
ET MALWARE MSIL/Matrix Ransomware CnC Activity
sid 2024120 format suricata
et-open trojan-activity
ET MALWARE MSIL/Matrix Ransomware Sending Encrypted Filelist
sid 2024178 format suricata
et-open trojan-activity
ET MALWARE DeepEnd Research Ransomware CrypMIC Payment Onion Domain
sid 2024189 format suricata
et-open trojan-activity
ET MALWARE DeepEnd Research Ransomware CrypMIC Payment Onion Domain
sid 2024190 format suricata
et-open command-and-control
ET MALWARE MSIL/Hidden-Tear Variant Ransomware CnC Checkin
sid 2024204 format suricata
et-open command-and-control
ET MALWARE MSIL/Runsome Ransomware CnC Checkin
sid 2024223 format suricata
et-open command-and-control
ET MALWARE MSIL/Karmen Ransomware CnC Activity
sid 2024239 format suricata
et-open trojan-activity
ET MALWARE DeepEnd Research Ransomware CrypMIC Payment Onion Domain
sid 2024263 format suricata
et-open trojan-activity
ET MALWARE DeepEnd Research Ransomware CrypMIC Payment Onion Domain
sid 2024264 format suricata
et-open command-and-control
ET MALWARE MSIL/NewHT Ransomware CnC Checkin
sid 2024280 format suricata
et-open command-and-control
ET MALWARE Jaff Ransomware Checkin
sid 2024288 format suricata
Showing 51-100 of 279
Prev 2 Next
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin