Think you have a false positive on this rule?

Sid 1-52149

Message

MALWARE-CNC Win.Trojan.Agent variant outbound connection

Summary

This event is generated when a Win.Trojan.Agent variant is detected on the network making an outbound connection.

Impact

Attempted User Privilege Gain

Detailed information

a Win.Trojan.Agent variant is detected on the network making an outbound connection.

Affected systems

Ease of attack

False positives

Not known

False negatives

Not known

Corrective action

Contributors

  • Cisco Talos Intelligence Group

Additional References

  • virustotal.com/#/file/738ba44188a93de6b5ca7e0bf0a77f66f677a0dda2b2e9ef4b91b1c8257da790/analysis