Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- RoyalAPT:
- 016948ec7743b09e41b6968b42dfade5480774df3baf915e4c8753f5f90d1734
- RoyalAPT C2:
- buy.healthcare-internet[.]com
- Snort:
- alert tcp $HOME_NET any -> $EXTERNAL_NET 80 (msg:"Possible RoyalAPT traffic POST"; flow:established,to_server; http_uri; content:"/image_download.php?uid="; http_uri; reference:url,https://www.intezer.com/miragefox-apt15-resurfaces-with-new-tools-based-on-old-ones/; classtype:Trojan-activity; rev:1;)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement