alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET TROJAN Blackshades Payload Download Command"; flow:established,to_client; content:"x74|0C|64|0C|"; depth:7; content:"x49|0C|"; distance:64; classtype:trojan-activity; sid:2014101; rev:2;)

Added 2012-01-06 16:36:41 UTC


Topic revision: r1 - 2012-01-06 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats