alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN Papras Banking Trojan Checkin"; flow:established,to_server; content:"|4e 2a 43 cc 01 c0 2a 77|"; depth:23; http_client_body; content:"POST"; nocase; http_method; reference:url,www.threatexpert.com/report.aspx?md5=85d82c840f4b90fcb6d5311f501374ca; classtype:trojan-activity; sid:2013287; rev:4;)

Added 2012-03-20 17:59:13 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN Papras Banking Trojan Checkin"; flow:established,to_server; content:"|4e 2a 43 cc 01 c0 2a 77|"; depth:23; http_client_body; content:"POST"; http_method; reference:url,www.threatexpert.com/report.aspx?md5=85d82c840f4b90fcb6d5311f501374ca; classtype:trojan-activity; sid:2013287; rev:3;)

Added 2011-10-12 19:36:31 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN Papras Banking Trojan Checkin"; flow:established,to_server; content:"|4e 2a 43 cc 01 c0 2a 77|"; depth:23; http_client_body; content:"POST"; http_method; classtype:trojan-activity; reference:url,www.threatexpert.com/report.aspx?md5=85d82c840f4b90fcb6d5311f501374ca; sid:2013287; rev:3;)

Added 2011-07-20 00:26:25 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN Papras Banking Trojan Checkin"; flow:established,to_server; content:"|4e 2a 43 cc 01 c0 2a 77|"; depth:14; http_client_body; content:"POST"; http_method; classtype:trojan-activity; reference:url,www.threatexpert.com/report.aspx?md5=85d82c840f4b90fcb6d5311f501374ca; sid:2013287; rev:2;)

Added 2011-07-19 09:37:54 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN Papras Banking Trojan Checkin"; flow:established,to_server; content:"|4e 2a 43 cc 01 c0 2a 77|"; depth:14; http_client_body; content:"POST"; http_method; classtype:trojan-activity; reference:url,www.threatexpert.com/report.aspx?md5=85d82c840f4b90fcb6d5311f501374ca; sid:2013287; rev:2;)

Added 2011-07-19 00:15:48 UTC


Topic revision: r1 - 2012-03-20 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats