Enigma Stealer Traffic

Rule Info

Name
Enigma Stealer Traffic
Author
X__Junior
Description
Detects Enigma stealer GET requests used to retrieve data from the C2
Reference
https://tria.ge/230121-rb7qlsch55/behavioral2
Date
2023-01-23 00:00:00
Modified
None
Id
80b713e2-fd02-4cfe-8ade-4fff588e150c
Tags
attack.command_and_control
Type
Nextron Sigma feed only (private)

Rule History

THOR Logo  Scan your endpoints, forensic images or collected files with our portable scanner THOR
  Warning: Access to VALHALLA is rate-limited - once you prove unworthy, access gets denied
  Nextron Systems 2022