Network IDS rules

279 rules · linked to T1486 · Snort / Suricata signatures
Network intrusion-detection signatures from open rulesets (ET Open, Snort Community, abuse.ch). These match malicious traffic patterns on the wire.

Rules

et-open command-and-control
sid 2024290 format suricata
sid 2024298 format suricata
sid 2024300 format suricata
et-open command-and-control
ET MALWARE MSIL/EasyLocker Ransomware CnC Activity
sid 2024320 format suricata
et-open trojan-activity
ET MALWARE UIWIX Ransomware .onion Payment Domain (4ujngbdqqm6t2c53)
sid 2024323 format suricata
et-open command-and-control
sid 2024340 format suricata
et-open trojan-activity
ET MALWARE Executioner Ransomware Reporting Infection via SMTP
sid 2024351 format suricata
et-open command-and-control
ET MALWARE MSIL/Unk.HT-Based Ransomware CnC Checkin
sid 2024352 format suricata
sid 2024439 format suricata
sid 2024440 format suricata
et-open command-and-control
ET MALWARE Win32/Striked Ransomware CnC Checkin
sid 2024465 format suricata
et-open command-and-control
ET MALWARE Observed DNS Query to Known Fenrir Ransomware CnC Domain
sid 2024467 format suricata
et-open command-and-control
ET MALWARE Observed Malicious DNS Query (Reyptson Ransomware CnC)
sid 2024469 format suricata
et-open command-and-control
ET MALWARE Shifr Ransomware CnC DNS Query (v5t5z6a55ksmt3oh)
sid 2024491 format suricata
et-open command-and-control
ET MALWARE Shifr Ransomware CnC DNS Query (ojdue4474qghybjb)
sid 2024492 format suricata
sid 2024516 format suricata
sid 2024517 format suricata
sid 2024518 format suricata
sid 2024519 format suricata
sid 2024520 format suricata
sid 2024521 format suricata
sid 2024522 format suricata
sid 2024523 format suricata
sid 2024524 format suricata
sid 2024525 format suricata
et-open trojan-activity
sid 2024603 format suricata
et-open command-and-control
ET MALWARE ApolloLocker Ransomware CnC Checkin
sid 2024666 format suricata
et-open command-and-control
ET MALWARE ApolloLocker Ransomware CnC Checkin 2
sid 2024667 format suricata
et-open trojan-activity
ET MALWARE BadRabbit Ransomware Activity Via WebDAV (cscc)
sid 2024905 format suricata
et-open trojan-activity
ET MALWARE BadRabbit Ransomware Activity Via WebDAV (infpub)
sid 2024906 format suricata
et-open command-and-control
ET MALWARE SAD Ransomware CnC Activity
sid 2024954 format suricata
sid 2024981 format suricata
sid 2024982 format suricata
sid 2024983 format suricata
sid 2025143 format suricata
et-open trojan-activity
ET MALWARE MoneroPay Ransomware Payment Activity
sid 2025204 format suricata
et-open command-and-control
ET MALWARE Win32/GandCrab Ransomware CnC Activity
sid 2025254 format suricata
et-open command-and-control
ET MALWARE Shurl0ckr Ransomware CnC (kdvm5fd6tn6jsbwh .onion .to in DNS Lookup)
sid 2025332 format suricata
et-open trojan-activity
ET MALWARE Observed Princess Ransomware Payment Domain (royal25fphqilqft in DNS Lookup)
sid 2025404 format suricata
et-open command-and-control
ET MALWARE Observed GandCrab Ransomware CnC/IP Check Domain (politiaromana .bit in DNS Lookup)
sid 2025405 format suricata
et-open command-and-control
ET MALWARE Observed GandCrab Ransomware CnC/IP Check Domain (malwarehunterteam .bit in DNS Lookup)
sid 2025406 format suricata
et-open command-and-control
ET MALWARE Observed GandCrab Ransomware CnC/IP Check Domain (gdcb .bit in DNS Lookup)
sid 2025407 format suricata
et-open trojan-activity
ET MALWARE Observed GandCrab Ransomware Domain (ransomware .bit in DNS Lookup)
sid 2025452 format suricata
et-open trojan-activity
ET MALWARE Observed GandCrab Ransomware Domain (zonealarm .bit in DNS Lookup)
sid 2025453 format suricata
et-open trojan-activity
ET MALWARE Observed GandCrab Ransomware Domain (chlenaverasiskihe .sex in DNS Lookup)
sid 2025454 format suricata
et-open command-and-control
ET MALWARE Win32/GandCrab Ransomware CnC Activity M2
sid 2025455 format suricata
sid 2025486 format suricata
et-open trojan-activity
ET MALWARE Observed GandCrab Ransomware Domain (carder .bit in DNS Lookup)
sid 2025546 format suricata
et-open trojan-activity
ET MALWARE Likely GandCrab Ransomware Domain in HTTP Host M1
sid 2025547 format suricata
et-open trojan-activity
ET MALWARE Likely GandCrab Ransomware Domain in HTTP Host M2
sid 2025548 format suricata
Showing 101-150 of 279
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin