alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET TROJAN Blackshades Payload Download Command"; flow:established,to_client; content:"x74|0C|64|0C|"; depth:7; content:"x49|0C|"; distance:64; classtype:trojan-activity; sid:2014101; rev:2; metadata:created_at 2012_01_04, updated_at 2012_01_04;)

Added 2017-08-07 21:07:25 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET TROJAN Blackshades Payload Download Command"; flow:established,to_client; content:"x74|0C|64|0C|"; depth:7; content:"x49|0C|"; distance:64; classtype:trojan-activity; sid:2014101; rev:2;)

Added 2012-01-06 16:36:41 UTC


Topic revision: r1 - 2017-08-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats