Rule Category

MALWARE-OTHER --

Alert Message

MALWARE-OTHER Win.Trojan.AZORult malicious executable download attempt

Rule Explanation

This event is generated when a victim computer tries to download the malicious AZORult malware.

Impact: A Network Trojan was detected

Details:

Ease of Attack:

What To Look For

When Snort sees a common obfuscation technique associated with this malware, it will alert.

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group

Rule Groups

No rule groups

CVE

None

Additional Links

Rule Vulnerability

No information provided

CVE Additional Information

None

MITRE ATT&CK Framework

Tactic: Defense Evasion

Technique: Obfuscated Files or Information

For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org