MALWARE-OTHER --
MALWARE-OTHER Win.Packed.SmokeLoader ransomware executable download attempt
This rule detects the attempted download of Win.Packed.SmokeLoader variants, also known as Conti ransomware, by looking for unique data contained within the executable file.
This rule detects the attempted download of Win.Packed.SmokeLoader variants, also known as Conti ransomware.
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
None
No information provided
None
Tactic: Impact
Technique: Data Encrypted for Impact
For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org