#alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET TROJAN FSG Packed Binary via HTTP Inbound"; flow:from_server,established; content:"|4D 5A|"; content:"|50 45 00 00 4C 01 02 00 46 53 47 21|"; distance:10; reference:url,www.securityfocus.com/infocus/1745; reference:url,doc.emergingthreats.net/2002773; classtype:trojan-activity; sid:2002773; rev:6;)

Added 2011-10-12 19:12:15 UTC


#alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET TROJAN FSG Packed Binary via HTTP Inbound"; flow:from_server,established; content:"|4D 5A|"; content:"|50 45 00 00 4C 01 02 00 46 53 47 21|"; distance:10; classtype:trojan-activity; reference:url,www.securityfocus.com/infocus/1745; reference:url,doc.emergingthreats.net/2002773; sid:2002773; rev:6;)

Added 2011-09-14 22:25:10 UTC


#alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET TROJAN FSG Packed Binary via HTTP Inbound"; flow:from_server,established; content:"|4D 5A|"; content:"|50 45 00 00 4C 01 02 00 46 53 47 21|"; distance:10; classtype:trojan-activity; reference:url,www.securityfocus.com/infocus/1745; reference:url,doc.emergingthreats.net/2002773; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_FSG_Packer; sid:2002773; rev:6;)

Added 2011-02-04 17:22:02 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET TROJAN FSG Packed Binary via HTTP Inbound"; flow:from_server,established; content:"|4D 5A|"; content:"|50 45 00 00 4C 01 02 00 46 53 47 21|"; distance:10; classtype:trojan-activity; reference:url,www.securityfocus.com/infocus/1745; reference:url,doc.emergingthreats.net/2002773; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_FSG_Packer; sid:2002773; rev:6;)

Added 2009-02-12 18:21:16 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET TROJAN FSG Packed Binary via HTTP Inbound"; flow:from_server,established; content:"|4D 5A|"; content:"|50 45 00 00 4C 01 02 00 46 53 47 21|"; distance:10; classtype:trojan-activity; reference:url,www.securityfocus.com/infocus/1745; reference:url,doc.emergingthreats.net/2002773; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_FSG_Packer; sid:2002773; rev:6;)

Added 2009-02-12 18:21:16 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET TROJAN FSG Packed Binary via HTTP Inbound"; flow:from_server,established; content:"|4D 5A|"; content:"|50 45 00 00 4C 01 02 00 46 53 47 21|"; distance:10; classtype:trojan-activity; reference:url,www.securityfocus.com/infocus/1745; sid:2002773; rev:5;)

Added 2008-06-27 16:15:54 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET TROJAN FSG Packed Binary via HTTP Inbound"; flow:from_server,established; content:"|4D 5A|"; content:"|50 45 00 00 4C 01 02 00 46 53 47 21|"; distance:10; classtype:trojan-activity; reference:url,www.securityfocus.com/infocus/1745; sid:2002773; rev:5;)

Added 2008-06-27 16:15:54 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET MALWARE Corpsespyware.net - PG 02 Inbound"; flow:from_server,established; content:"|4D 5A|"; content:"|50 45 00 00 4C 01 02 00 46 53 47 21|"; distance:10; classtype:trojan-activity; reference:url,www.securityfocus.com/infocus/1745; sid:2002773; rev:4;)

Added 2008-01-28 17:24:17 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET MALWARE Corpsespyware.net - PG 02 Inbound"; flow:from_server,established; content:"|4D 5A|"; content:"|50 45 00 00 4C 01 02 00 46 53 47 21|"; distance:10; classtype:trojan-activity; reference:url,www.securityfocus.com/infocus/1745; sid:2002773; rev:4;)

Added 2008-01-28 17:24:17 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"BLEEDING-EDGE MALWARE Corpsespyware.net - PG 02 Inbound"; flow:from_server,established; content:"|4D 5A|"; content:"|50 45 00 00 4C 01 02 00 46 53 47 21|"; distance:10; classtype:trojan-activity; reference:url,www.securityfocus.com/infocus/1745; sid:2002773; rev:3;)

Added 2007-06-03 23:30:26 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"BLEEDING-EDGE MALWARE Corpsepsyware.net - PG 02 Inbound"; flow:from_server,established; content:"|4D 5A|"; content:"|50 45 00 00 4C 01 02 00 46 53 47 21|"; distance:10; classtype:trojan-activity; reference:url,www.securityfocus.com/infocus/1745; sid:2002773; rev:2;)



Topic revision: r1 - 2011-10-12 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats