Rule Category


Alert Message

MALWARE-OTHER Win.Trojan.Timbre variant download attempt

Rule Explanation

This rule looks for words unique to the phishing email.

What To Look For

This rule alerts on a phising email attempting to trick a user into visiting a malicious website.

Known Usage

Attacks/Scans seen in the wild

False Positives

No known false positives


Cisco Talos Intelligence Group

Rule Groups

Rule Categories::Malware::Other

MITRE::ATT&CK Framework::Enterprise::Command and Control::Application Layer Protocol

MITRE::ATT&CK Framework::Enterprise::Initial Access::Phishing



Additional Links

Rule Vulnerability

No information provided

CVE Additional Information

This product uses data from the NVD API but is not endorsed or certified by the NVD.