Rule Category

MALWARE-OTHER --

Alert Message

MALWARE-OTHER Win.Dropper.PyVil outbound communication attempt

Rule Explanation

This rule detects an outbound communication attempt from a variant of Win.Dropper.PyVil by looking for specific patterns in the outbound URI.

What To Look For

This rule detects an outbound communication attempt from a variant of Win.Dropper.PyVil.

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group