alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET MALWARE Ezula Update Engine"; flow: to_server,established; content:"User-Agent\: 3a"; nocase; reference:url,www.spywareguide.com/product_show.php?id=9; classtype:trojan-activity; sid:2002163; rev:5;)

Added 2008-01-28 17:24:20 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET MALWARE Ezula Update Engine"; flow: to_server,established; content:"User-Agent\: 3a"; nocase; reference:url,www.spywareguide.com/product_show.php?id=9; classtype:trojan-activity; sid:2002163; rev:5;)

Added 2008-01-28 17:24:20 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg: "BLEEDING-EDGE MALWARE Ezula Update Engine"; flow: to_server,established; content:"User-Agent\: 3a"; nocase; reference:url,www.spywareguide.com/product_show.php?id=9; classtype:trojan-activity; sid:2002163; rev:4;)



Topic revision: r1 - 2008-01-28 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats