alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN BlackMonay? Checkin"; flow:established,to_server; content:".Php?UserName="; nocase; http_uri; content:"&Bank="; nocase; http_uri; content:"&Money="; nocase; http_uri; content:"Accept-Language|3A 20|zh-cn"; http_header; metadata: former_category MALWARE; reference:md5,4a203e37caa2e04671388341419bda69; classtype:trojan-activity; sid:2014306; rev:3; metadata:created_at 2012_03_05, updated_at 2020_04_21;)

Added 2020-04-21 19:24:07 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN BlackMonay? Checkin"; flow:established,to_server; content:".Php?UserName="; nocase; http_uri; content:"&Bank="; nocase; http_uri; content:"&Money="; nocase; http_uri; content:"Accept-Language|3A 20|zh-cn"; http_header; metadata: former_category MALWARE; reference:md5,4a203e37caa2e04671388341419bda69; classtype:trojan-activity; sid:2014306; rev:3; metadata:created_at 2012_03_05, updated_at 2012_03_05;)

Added 2019-09-26 19:57:05 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN BlackMonay? Checkin"; flow:established,to_server; content:".Php?UserName="; nocase; http_uri; content:"&Bank="; nocase; http_uri; content:"&Money="; nocase; http_uri; content:"Accept-Language|3A 20|zh-cn"; http_header; reference:md5,4a203e37caa2e04671388341419bda69; classtype:trojan-activity; sid:2014306; rev:3; metadata:created_at 2012_03_05, updated_at 2012_03_05;)

Added 2018-09-13 19:44:14 UTC


Added 2018-09-13 17:56:12 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN BlackMonay? Checkin"; flow:established,to_server; content:".Php?UserName="; nocase; http_uri; content:"&Bank="; nocase; http_uri; content:"&Money="; nocase; http_uri; content:"Accept-Language|3A 20|zh-cn"; http_header; reference:md5,4a203e37caa2e04671388341419bda69; classtype:trojan-activity; sid:2014306; rev:3; metadata:created_at 2012_03_05, updated_at 2012_03_05;)

Added 2017-08-07 21:07:40 UTC



This topic: Main > 2014306
Topic revision: r1 - 2020-04-21 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats