alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Trojan Downloader User-Agent (NOPE)"; flow:established,to_server; content:"User-Agent|3a| N0PE?"; http_header; reference:url,support.clean-mx.de/clean-mx/view_joebox.php?md5=b0b7c391d084974b2666c1c57b349b62&id=711369; reference:url,www.virustotal.com/file-scan/report.html?id=54dcad20b326a409c09f1b059925ba4ba260ef58297cda1421ffca79942a96a5-1305296734; classtype:trojan-activity; sid:2013702; rev:3; metadata:affected_product Any, attack_target Client_Endpoint, deployment Perimeter, tag Trojan_Downloader, signature_severity Major, created_at 2011_09_27, updated_at 2016_07_01;)

Added 2017-08-07 21:06:57 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN Trojan Downloader User-Agent (NOPE)"; flow:established,to_server; content:"User-Agent|3a| N0PE?"; http_header; reference:url,support.clean-mx.de/clean-mx/view_joebox.php?md5=b0b7c391d084974b2666c1c57b349b62&id=711369; reference:url,www.virustotal.com/file-scan/report.html?id=54dcad20b326a409c09f1b059925ba4ba260ef58297cda1421ffca79942a96a5-1305296734; classtype:trojan-activity; sid:2013702; rev:2;)

Added 2011-10-12 19:37:20 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN Trojan Downloader User-Agent (NOPE)"; flow:established,to_server; content:"User-Agent|3a| N0PE?"; http_header; classtype:trojan-activity; reference:url,support.clean-mx.de/clean-mx/view_joebox.php?md5=b0b7c391d084974b2666c1c57b349b62&id=711369; reference:url,www.virustotal.com/file-scan/report.html?id=54dcad20b326a409c09f1b059925ba4ba260ef58297cda1421ffca79942a96a5-1305296734; sid:2013702; rev:2;)

Added 2011-09-27 22:24:19 UTC


Topic revision: r1 - 2017-08-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats