alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN LokiBot? User-Agent (Charon/Inferno)"; flow:established,to_server; content:"(Charon|3b| Inferno)"; http_user_agent; fast_pattern:only; metadata: former_category TROJAN; classtype:trojan-activity; sid:2021641; rev:6; metadata:created_at 2015_08_17, updated_at 2018_04_13;)

Added 2018-09-13 19:51:35 UTC


Added 2018-09-13 18:00:18 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN LokiBot? User-Agent (Charon/Inferno)"; flow:established,to_server; content:"(Charon|3b| Inferno)"; http_user_agent; fast_pattern:only; metadata: former_category TROJAN; classtype:trojan-activity; sid:2021641; rev:6; metadata:created_at 2015_08_17, updated_at 2018_04_13;)

Added 2018-04-16 17:40:05 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN LokiBot? User-Agent (Charon/Inferno)"; flow:established,to_server; content:"(Charon|3b| Inferno)"; http_user_agent; fast_pattern:only; metadata: former_category TROJAN; classtype:trojan-activity; sid:2021641; rev:5; metadata:created_at 2015_08_17, updated_at 2018_04_13;)

Added 2018-04-13 17:29:03 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Loki Bot User-Agent (Charon/Inferno)"; flow:established,to_server; content:"(Charon|3b| Inferno)"; http_user_agent; fast_pattern:only; classtype:trojan-activity; sid:2021641; rev:5; metadata:created_at 2015_08_17, updated_at 2016_09_22;)

Added 2017-08-07 21:16:21 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Loki Bot User-Agent (Charon/Inferno)"; flow:established,to_server; content:"(Charon|3b| Inferno)"; http_user_agent; fast_pattern:only; classtype:trojan-activity; sid:2021641; rev:5;)

Added 2016-09-22 17:54:45 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Fareit/Pony Loader User-Agent (Charon/Inferno)"; flow:established,to_server; content:"(Charon|3b| Inferno)"; http_user_agent; fast_pattern:only; classtype:trojan-activity; sid:2021641; rev:4;)

Added 2016-08-25 16:52:12 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Fareit/Pony Loader User-Agent"; flow:established,to_server; content:"(Charon|3b| Inferno)"; http_user_agent; fast_pattern:only; classtype:trojan-activity; sid:2021641; rev:3;)

Added 2015-08-17 18:58:12 UTC


Topic revision: r1 - 2018-09-13 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats