2015985 < Main < EmergingThreats

EmergingThreats>

Main Web>2015985 (2020-12-11, TWikiGuest)

alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Win32/Kuluoz.B Request"; flow:established,to_server; content:"GET"; http_method; pcre:"/\/[a-f0-9]+$/Ui"; content:"Windows NT 9.0|3b|"; http_header; pcre:"/^Host\x3a\s*(\d{1,3}\.){3}\d{1,3}(\x3a\d{1,5})?\r?$/Hmi"; reference:md5,0282bc929bae27ef95733cfa390b10e0; classtype:trojan-activity; sid:2015985; rev:4; metadata:created_at 2012_12_04, updated_at 2020_12_10;)

Added 2020-12-11 18:27:46 UTC

alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Win32/Kuluoz.B Request"; flow:established,to_server; content:"GET"; http_method; pcre:"/\/[a-f0-9]+$/Ui"; content:"Windows NT 9.0|3b|"; http_header; pcre:"/^Host\x3a\s*(\d{1,3}\.){3}\d{1,3}(\x3a\d{1,5})?\r?$/Hmi"; reference:md5,0282bc929bae27ef95733cfa390b10e0; classtype:trojan-activity; sid:2015985; rev:4; metadata:created_at 2012_12_04, updated_at 2020_04_23;)

Added 2020-04-23 18:33:58 UTC

alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Win32/Kuluoz.B Request"; flow:established,to_server; content:"GET"; http_method; pcre:"/\/[a-f0-9]+$/Ui"; content:"Windows NT 9.0|3b|"; http_header; pcre:"/^Host\x3a\s*(\d{1,3}\.){3}\d{1,3}(\x3a\d{1,5})?\r?$/Hmi"; reference:md5,0282bc929bae27ef95733cfa390b10e0; classtype:trojan-activity; sid:2015985; rev:4; metadata:created_at 2012_12_04, updated_at 2012_12_04;)

Added 2018-09-13 19:45:55 UTC

Added 2018-09-13 17:57:05 UTC

alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Win32/Kuluoz.B Request"; flow:established,to_server; content:"GET"; http_method; pcre:"/\/[a-f0-9]+$/Ui"; content:"Windows NT 9.0|3b|"; http_header; pcre:"/^Host\x3a\s*(\d{1,3}\.){3}\d{1,3}(\x3a\d{1,5})?\r?$/Hmi"; reference:md5,0282bc929bae27ef95733cfa390b10e0; classtype:trojan-activity; sid:2015985; rev:4; metadata:created_at 2012_12_04, updated_at 2012_12_04;)

Added 2017-08-07 21:09:37 UTC

alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN Win32/Kuluoz.B Request"; flow:established,to_server; content:"GET"; http_method; pcre:"/\/[a-f0-9]+$/Ui"; content:"Windows NT 9.0|3b|"; http_header; pcre:"/^Host\x3a\s*(\d{1,3}\.){3}\d{1,3}(\x3a\d{1,5})?\r?$/Hmi"; reference:md5,0282bc929bae27ef95733cfa390b10e0; classtype:trojan-activity; sid:2015985; rev:2;)

Added 2013-02-18 18:44:22 UTC

alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN Win32/Kuluoz.B Request"; flow:established,to_server; content:"GET"; http_method; pcre:"/^\/[a-f0-9]+$/Ui"; content:"Windows NT 9.0|3b|"; http_header; pcre:"/^Host\x3a\s*(\d{1,3}\.){3}\d{1,3}(\x3a\d{1,5})?\r?$/Hmi"; reference:md5,0282bc929bae27ef95733cfa390b10e0; classtype:trojan-activity; sid:2015985; rev:1;)

Added 2012-12-04 19:55:45 UTC

Edit | Attach | Print version | History: r1 | Backlinks | Raw View | WYSIWYG | More topic actions

Topic revision: r1 - 2020-12-11 - TWikiGuest

Main

Log In

User Reference
ATasteOfTWiki
TextFormattingRules

Signature Reference
WebRss Feed
EmergingFAQ

Copyright © Emerging Threats