This indicates that a system might be infected by DCRat Botnet.
DCRat is a remote control and info stealer malware. It has abilities to steal password credentials, log keystrokes, take screenshots, and execute arbitrary commands.

affected-products-logoAffected Products

Any unprotected Windows system is vulnerable.

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

If required, the signature's action can be set to "Block".
Please use Anti-Virus software to scan and clean the infected devices.

Telemetry logoTelemetry


IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2022-01-19 19.244