alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET MALWARE W32/GameVance Adware Server Reponse To Client Checkin"; flow:established,to_client; file_data; content:"cfgint="; within:7; content:"cid="; within:30; content:"eus="; within:30; content:"esint="; within:30; content:"sc2dcnt="; within:30; content:"domfqcap="; within:30; content:"domtm="; within:30; content:"css="; within:30; classtype:trojan-activity; sid:2014605; rev:4;)

Added 2012-04-20 17:05:30 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET MALWARE W32/GameVance Adware Server Reponse To Client Checkin"; flow:established,to_client; file_data; content:"cfgint="; within:7; content:"cid="; within:30; content:"eus="; within:30; content:"esint="; within:30; content:"sc2dcnt="; within:30; content:"domfqcap="; within:30; content:"domtm="; within:30; content:"css="; within:30; classtype:trojan-activity; sid:2014605; rev:3;)

Added 2012-04-19 18:16:42 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET TROJAN W32/GameVance Adware Server Reponse To Client Checkin"; flow:established,to_client; file_data; content:"cfgint="; within:7; content:"cid="; within:30; content:"eus="; within:30; content:"esint="; within:30; content:"sc2dcnt="; within:30; content:"domfqcap="; within:30; content:"domtm="; within:30; content:"css="; within:30; classtype:trojan-activity; sid:2014605; rev:3;)

Added 2012-04-18 23:05:27 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET TROJAN W32/GameVance Server Reponse To Client Checkin"; flow:established,to_client; file_data; content:"cfgint="; within:7; content:"cid="; within:30; content:"eus="; within:30; content:"esint="; within:30; content:"sc2dcnt="; within:30; content:"domfqcap="; within:30; content:"domtm="; within:30; content:"css="; within:30; classtype:trojan-activity; sid:2014605; rev:2;)

Added 2012-04-17 21:48:39 UTC


Topic revision: r1 - 2012-04-20 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats