Threat ID 86798 - BruteRatel C4 Command and Control Traffic Detection


L1 Bithead

Hi all,

 

Since yesterday I see this threat as critical. I suppose that is a false positive action.

Didn't find any suspicious actions on the computer and just want to know is there any of you that have observed similar alerts?

 

Maybe I have to dig deeper.

 

Thanks,

2 REPLIES

Cyber Elite

Hello,

I have not, but that doesn't mean no one else has. I would enable extended packet capture on threats and then submit the pcap to support for review.


 

Regards,

Thanks for that. I will take a look into it.

I can see rare occurrence for that suspicious behavior.

I've implemented extended packet logging already and will see what to do next ...
