SID 1:64118

Report a false positive

Rule Category

MALWARE-OTHER --

Alert Message

MALWARE-OTHER Win.Ransomware.Cicada3301 download attempt

Rule Explanation

This rules specifically looks for known-unique strings inside a Cicada3301 ransomware executable.

What To Look For

This rule detects a malicious executable download attempt

Known Usage

Attacks/Scans seen in the wild

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group

Rule Groups

No rule groups

CVE

None

Additional Links

virustotal.com/gui/file/3969e1a88a063155a6f61b0ca1ac33114c1a39151f3c7dd019084abd30553eab

Rule Vulnerability

No information provided

CVE Additional Information

This product uses data from the NVD API but is not endorsed or certified by the NVD.

None