MALWARE-C2 CryptBot HTTP Connection

Rule ID

1232644

Severity

High

Description

CryptBot is a typical infostealer, capable of obtaining credentials for browsers, crypto currency wallets, browser cookies, credit cards, and creates screenshots of the infected system. All stolen data archived and uploaded to the C2 server.

Impact

Information disclosure

Recommendation

Update vendor's patch.

IPS Category

Malware traffic

IPS Anomaly Group

N/A

IPS Rule Default Action

Deny

Reference

T1204

T1218

T1555.003

T1518

T1082

T1071.001

T1005

T1560

T1027

Keyword

N/A

Created At

2023/04/28

Updated At

2023/04/28

This website uses cookies to ensure you get the best experience on our website.