1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. System Infected: Infostealer.Scranos Activity

System Infected: Infostealer.Scranos Activity

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects Infostealer.Scranos activity

Additional Information

Infostealer with kernel level rootkit capability. Rootkit injects code into svchost.exe which tries to download further payloads from C2 This signature detects the first level of GET request used to introduce new infection with some params to C2.

Affected

  • Windows

Response


  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube