MALWARE-C2 CryptBot HTTP Connection

Rule ID

1232644

Severity

High

Description

CryptBot is a typical infostealer, capable of obtaining credentials for browsers, cryptocurrency wallets, browser cookies, and credit cards, and of creating screenshots of the infected system. All stolen data is archived and uploaded to the C2 server.

Impact

Information disclosure

Recommendation

Apply the vendor's patch.

IPS Category

Malware traffic

IPS Anomaly Group

N/A

IPS Rule Default Action

Deny

References

T1555.003

T1518

T1082

T1071.001

T1005

T1560

Keywords

N/A

Date Created

2023/04/28

Last Updated

2023/04/28
