MALWARE-BACKDOOR -- Snort has detected suspicious communication traffic unrelated to commands, such as exfiltration of data from the infected machine, especially larger chunks of data.
MALWARE-BACKDOOR Win.Backdoor.Chopper webshell inbound request attempt
This event is generated when Win.Backdoor.Chopper is detected on the network. Impact: A Network Trojan was detected Details: This rule fires when an inbound request is being attempted by a client connecting to Win.Backdoor.Chopper. Ease of Attack:
This event is generated when Win.Backdoor.Chopper is detected on the network.
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
None
No information provided
None
Tactic: Command and Control
Technique: Standard Application Layer Protocol
For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org