alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN Trojan Downloader User-Agent (NOPE)"; flow:established,to_server; content:"User-Agent|3a| N0PE?"; http_header; reference:url,support.clean-mx.de/clean-mx/view_joebox.php?md5=b0b7c391d084974b2666c1c57b349b62&id=711369; reference:url,www.virustotal.com/file-scan/report.html?id=54dcad20b326a409c09f1b059925ba4ba260ef58297cda1421ffca79942a96a5-1305296734; classtype:trojan-activity; sid:2013702; rev:2;)

Added 2011-10-12 19:37:20 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN Trojan Downloader User-Agent (NOPE)"; flow:established,to_server; content:"User-Agent|3a| N0PE?"; http_header; classtype:trojan-activity; reference:url,support.clean-mx.de/clean-mx/view_joebox.php?md5=b0b7c391d084974b2666c1c57b349b62&id=711369; reference:url,www.virustotal.com/file-scan/report.html?id=54dcad20b326a409c09f1b059925ba4ba260ef58297cda1421ffca79942a96a5-1305296734; sid:2013702; rev:2;)

Added 2011-09-27 22:24:19 UTC


Topic revision: r1 - 2011-10-12 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats