The Shamoon 2 malware attack is a variant of the previous Shamoon malware attacks. This variant changes the system time of the infected host to a date in Aug 2012 which is what the content in this package is looking for. The content looks for any system changes to a date in August 2012 or a change back to the current time from a day in August 2012. We also have a trend to gather historical events persisted to the database with a Device Receipt Time of August 2012. For this content to work it’s imperative to ensure there is no time correction applied at the connector level. If you have any time correction configured on the connector we recommend rolling back to the original settings for the content to work. In addition to this, we also recommend monitoring for the following activities
The content included here relies on Activate Base 2.5.0 .0 and has been tested on ESM 6.8c to ensure backward compatibility
Suggested for you are based on app category, product compatibility, popularity, rating and newness. Some apps may not show based on entitlements. Learn more about entitlements.
Related content and resources
Please upgrade to one of the following broswers: Internet Explorer 11 (or greater) or the latest version of Chrome or Firefox