ET TA_ABUSED_SERVICES Commonly Abused File Sharing Domain in DNS Lookup (ftpupload .net)
Sourceet/open
Fileemerging-ta_abused_services.rules
CreatedJune 22, 2022
UpdatedJune 27, 2024
Classificationbad-unknown
alert dns $HOME_NET any -> any any (msg:"ET TA_ABUSED_SERVICES Commonly Abused File Sharing Domain in DNS Lookup (ftpupload .net)"; dns.query; bsize:13; content:"ftpupload.net"; nocase; reference:md5,ddc7091a431c36c35adbc0d1ccfbfa3a ; classtype:bad-unknown; sid:2037077; rev:4; metadata:attack_target Client_Endpoint, created_at 2022_06_22, deployment Perimeter, former_category FILE_SHARING, confidence High, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_06_27;)
References
| md5 | ddc7091a431c36c35adbc0d1ccfbfa3a |
Metadata
attack targetClient_Endpoint
created at2022_06_22
deploymentPerimeter
former categoryFILE_SHARING
confidenceHigh
signature severityInformational
tagDescription_Generated_By_Proofpoint_Nexus
updated at2024_06_27
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!