#alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Trojan-GameThief.Win32.OnLineGames.bnye Checkin"; flow:to_server,established; content:"|20|HTTP|2f|1|2e|1|0d 0a|User-Agent|3a 20|"; fast_pattern; content:"|0d 0a|Host|3a 20|"; within:13; content:"|3a|8080|0d 0a|Cache-Control|3a 20|no-cache|0d 0a 0d 0a|"; distance:0; content:!"|0d 0a|Accept"; http_header; pcre:"/User-Agent\x3a\x20[a-z]{3,4}\x0d\x0a/H"; reference:url,www.threatexpert.com/report.aspx?md5=014945cf93ffc94833f7a3efd92fe263; classtype:trojan-activity; sid:2012736; rev:9; metadata:created_at 2011_04_28, updated_at 2011_04_28;)

Added 2017-08-07 21:05:55 UTC


#alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Trojan-GameThief.Win32.OnLineGames.bnye Checkin"; flow:to_server,established; content:"|20|HTTP|2f|1|2e|1|0d 0a|User-Agent|3a 20|"; fast_pattern; content:"|0d 0a|Host|3a 20|"; within:13; content:"|3a|8080|0d 0a|Cache-Control|3a 20|no-cache|0d 0a 0d 0a|"; distance:0; content:!"|0d 0a|Accept"; http_header; pcre:"/User-Agent\x3a\x20[a-z]{3,4}\x0d\x0a/H"; reference:url,www.threatexpert.com/report.aspx?md5=014945cf93ffc94833f7a3efd92fe263; classtype:trojan-activity; sid:2012736; rev:9;)

Added 2014-09-12 16:28:32 UTC


#alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET CURRENT_EVENTS Trojan-GameThief.Win32.OnLineGames.bnye Checkin"; flow:to_server,established; content:"|20|HTTP|2f|1|2e|1|0d 0a|User-Agent|3a 20|"; fast_pattern; content:"|0d 0a|Host|3a 20|"; within:13; content:"|3a|8080|0d 0a|Cache-Control|3a 20|no-cache|0d 0a 0d 0a|"; distance:0; content:!"|0d 0a|Accept"; http_header; pcre:"/User-Agent\x3a\x20[a-z]{3,4}\x0d\x0a/H"; reference:url,www.threatexpert.com/report.aspx?md5=014945cf93ffc94833f7a3efd92fe263; classtype:trojan-activity; sid:2012736; rev:8;)

Added 2011-10-12 19:35:05 UTC


#alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET CURRENT_EVENTS Trojan-GameThief.Win32.OnLineGames.bnye Checkin"; flow:to_server,established; content:"|20|HTTP|2f|1|2e|1|0d 0a|User-Agent|3a 20|"; fast_pattern; content:"|0d 0a|Host|3a 20|"; within:13; content:"|3a|8080|0d 0a|Cache-Control|3a 20|no-cache|0d 0a 0d 0a|"; distance:0; content:!"|0d 0a|Accept"; http_header; pcre:"/User-Agent\x3a\x20[a-z]{3,4}\x0d\x0a/H"; classtype:trojan-activity; reference:url,www.threatexpert.com/report.aspx?md5=014945cf93ffc94833f7a3efd92fe263; sid:2012736; rev:8;)

Added 2011-05-02 21:04:32 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET CURRENT_EVENTS Trojan-GameThief.Win32.OnLineGames.bnye Checkin"; flow:to_server,established; content:"|20|HTTP|2f|1|2e|1|0d 0a|User-Agent|3a 20|"; fast_pattern; content:"|0d 0a|Host|3a 20|"; within:13; content:"|3a|8080|0d 0a|Cache-Control|3a 20|no-cache|0d 0a 0d 0a|"; distance:0; content:!"|0d 0a|Accept"; http_header; pcre:"/User-Agent\x3a\x20[a-z]{3,4}\x0d\x0a/H"; classtype:trojan-activity; reference:url,www.threatexpert.com/report.aspx?md5=014945cf93ffc94833f7a3efd92fe263; sid:2012736; rev:8;)

Added 2011-05-02 14:42:51 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET CURRENT_EVENTS Trojan-GameThief.Win32.OnLineGames.bnye Checkin"; flow:to_server,established; content:"|20|HTTP|2f|1|2e|1|0d 0a|User-Agent|3a 20|"; fast_pattern; content:"|0d 0a|Host|3a 20|"; within:13; content:"|3a|8080|0d 0a|Cache-Control|3a 20|no-cache|0d 0a 0d 0a|"; distance:0; content:!"|0d 0a|Accept"; http_header; pcre:"/User-Agent\x3a\x20[a-z]{3,4}\x0d\x0a/H"; classtype:trojan-activity; reference:url,www.threatexpert.com/report.aspx?md5=014945cf93ffc94833f7a3efd92fe263; sid:2012736; rev:8;)

Added 2011-05-02 14:23:36 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET CURRENT_EVENTS Trojan-GameThief.Win32.OnLineGames.bnye Checkin"; flow:to_server,established; content:"|20|HTTP|2f|1|2e|1|0d 0a|User-Agent|3a 20|"; fast_pattern; content:"|0d 0a|Host|3a 20|"; within:13; content:"|3a|8080|0d 0a|Cache-Control|3a 20|no-cache|0d 0a 0d 0a|"; distance:0; content:!"|0d 0a|Accept"; http_header; pcre:"/User-Agent\x3a\x20[a-z]{3,4}\x0d\x0a/H"; classtype:trojan-activity; reference:url,www.threatexpert.com/report.aspx?md5=014945cf93ffc94833f7a3efd92fe263; sid:2012736; rev:8;)

Added 2011-05-02 14:04:14 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET CURRENT_EVENTS Trojan-GameThief.Win32.OnLineGames.bnye Checkin"; flow:to_server,established; content:"|20|HTTP|2f|1|2e|1|0d 0a|User-Agent|3a 20|"; fast_pattern; content:"|0d 0a|Host|3a 20|"; within:13; content:"|3a|8080|0d 0a|Cache-Control|3a 20|no-cache|0d 0a 0d 0a|"; distance:0; content:!"|0d 0a|Accept"; http_header; pcre:"/User-Agent\x3a\x20[a-z]{3,4}\x0d\x0a/H"; classtype:trojan-activity; reference:url,www.threatexpert.com/report.aspx?md5=014945cf93ffc94833f7a3efd92fe263; sid:2012736; rev:8;)

Added 2011-05-01 20:54:01 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET CURRENT_EVENTS Trojan-GameThief.Win32.OnLineGames.bnye Checkin"; flow:to_server,established; content:"|20|HTTP|2f|1|2e|1|0d 0a|User-Agent|3a 20|"; fast_pattern; content:"|0d 0a|Host|3a 20|"; within:13; content:"|3a|8080|0d 0a|Cache-Control|3a 20|no-cache|0d 0a 0d 0a|"; distance:0; content:!"|0d 0a|Accept"; http_header; pcre:"/User-Agent\x3a\x20[a-z]{3,4}\x0d\x0a/H"; classtype:trojan-activity; reference:url,www.threatexpert.com/report.aspx?md5=014945cf93ffc94833f7a3efd92fe263; sid:2012736; rev:8;)

Added 2011-04-29 17:39:43 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN Trojan-GameThief.Win32.OnLineGames.bnye Checkin"; flow:to_server,established; content:"|20|HTTP|2f|1|2e|1|0d 0a|User-Agent|3a 20|"; fast_pattern; content:"|0d 0a|Host|3a 20|"; within:13; content:!"|0d 0a|Accept"; pcre:"/User-Agent\x3a\x20[a-z]{4,5}/Hi"; classtype:trojan-activity; reference:url,www.threatexpert.com/report.aspx?md5=014945cf93ffc94833f7a3efd92fe263; sid:2012736; rev:4;)

Added 2011-04-28 19:56:37 UTC


Topic revision: r1 - 2017-08-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats