alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Trojan-Downloader.Win32.Small Checkin"; flow:to_server,established; content:"GET"; http_method; nocase; content:"|2e|ashx|3f|m|3d|"; http_uri; content:"|2d|"; distance:2; within:1; http_uri; content:"|26|mid|3d|"; http_uri; distance:0; content:"|26|tid|3d|"; http_uri; distance:0; content:"|26|d|3d|"; http_uri; distance:0; content:"|26|uid|3d|"; http_uri; distance:0; content:"|26|t|3d|"; http_uri; distance:0; reference:url,threatexpert.com/report.aspx?md5=48432bdd116dccb684c8cef84579b963; classtype:trojan-activity; sid:2012839; rev:4; metadata:created_at 2011_05_23, updated_at 2011_05_23;)

Added 2017-08-07 21:06:02 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 27889 (msg:"ET TROJAN Trojan-Downloader.Win32.Small Checkin"; flow:to_server,established; content:"GET"; nocase; http_method; content:"|2e|ashx|3f|m|3d|"; content:"|2d|"; distance:2; within:1; content:"|26|mid|3d|"; distance:0; content:"|26|tid|3d|"; distance:0; content:"|26|d|3d|"; distance:0; content:"|26|uid|3d|"; distance:0; content:"|26|t|3d|"; distance:0; reference:url,threatexpert.com/report.aspx?md5=48432bdd116dccb684c8cef84579b963; classtype:trojan-activity; sid:2012839; rev:3;)

Added 2012-03-20 17:59:11 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 27889 (msg:"ET TROJAN Trojan-Downloader.Win32.Small Checkin"; flow:to_server,established; content:"GET"; http_method; content:"|2e|ashx|3f|m|3d|"; content:"|2d|"; distance:2; within:1; content:"|26|mid|3d|"; distance:0; content:"|26|tid|3d|"; distance:0; content:"|26|d|3d|"; distance:0; content:"|26|uid|3d|"; distance:0; content:"|26|t|3d|"; distance:0; reference:url,threatexpert.com/report.aspx?md5=48432bdd116dccb684c8cef84579b963; classtype:trojan-activity; sid:2012839; rev:2;)

Added 2011-10-12 19:35:20 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 27889 (msg:"ET TROJAN Trojan-Downloader.Win32.Small Checkin"; flow:to_server,established; content:"GET"; http_method; content:"|2e|ashx|3f|m|3d|"; content:"|2d|"; distance:2; within:1; content:"|26|mid|3d|"; distance:0; content:"|26|tid|3d|"; distance:0; content:"|26|d|3d|"; distance:0; content:"|26|uid|3d|"; distance:0; content:"|26|t|3d|"; distance:0; classtype:trojan-activity; reference:url,threatexpert.com/report.aspx?md5=48432bdd116dccb684c8cef84579b963; sid:2012839; rev:2;)

Added 2011-05-23 18:40:23 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 27889 (msg:"ET TROJAN Trojan-Downloader.Win32.Small Checkin"; flow:to_server,established; content:"GET"; http_method; content:"|2e|ashx|3f|m|3d|"; content:"|2d|"; distance:2; within:1; content:"|26|mid|3d|"; distance:0; content:"|26|tid|3d|"; distance:0; content:"|26|d|3d|"; distance:0; content:"|26|uid|3d|"; distance:0; content:"|26|t|3d|"; distance:0; classtype:trojan-activity; reference:url,threatexpert.com/report.aspx?md5=48432bdd116dccb684c8cef84579b963; sid:2012839; rev:2;)

Added 2011-05-23 18:25:48 UTC


Topic revision: r1 - 2017-08-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats