TROJAN: ESXiArgs Ransomware Command and Control Traffic

This signature detects malicious activity carried out by the ESXiArgs Ransomware. ESXiArgs Ransomware specifically targets VMware ESXi servers. The infected host should be removed from the network for analysis.

Short Name: TROJAN:ESXIARGS-RANS-CNC
Severity: Major
Recommended: False
Recommended Action: None
Category: TROJAN
Keywords: Command Control ESXiArgs Ransomware Traffic and
Release Date: 03/16/2024
Supported Platforms: srx-branch-12.3, srx-19.3, srx-branch-19.3, vsrx3bsd-19.2, srx-branch-19.4, vsrx-19.4, mx-12.3, mx-19.4, vmx-19.4, mx-19.3, vsrx3bsd-19.4, srx-19.4, vsrx-12.3, vmx-19.3, vsrx-19.2, srx-12.3
Sigpack Version: 3687
False Positive: Unknown
