#alert tcp $HOME_NET any -> $EXTERNAL_NET 1433 (msg:"ET TROJAN TrojanSpy.Win32/Banker.AMB SQL Checkin"; flow:established,to_server; content:"I|00|N|00|S|00|E|00|R|00|T"; content:"I|00|N|00|T|00|O"; distance:0; content:"B|00|R|00|O|00|W|00|S|00|E|00|R|00|L|00|O|00|G|00|U|00|S|00|B|00|"; reference:md5,dd141287cb45a2067592eeb9d3aa7162; classtype:trojan-activity; sid:2018645; rev:2; metadata:created_at 2014_07_07, former_category MALWARE, updated_at 2014_07_07;)

Added 2020-11-20 19:36:45 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 1433 (msg:"ET TROJAN TrojanSpy.Win32/Banker.AMB SQL Checkin"; flow:established,to_server; content:"I|00|N|00|S|00|E|00|R|00|T"; content:"I|00|N|00|T|00|O"; distance:0; content:"B|00|R|00|O|00|W|00|S|00|E|00|R|00|L|00|O|00|G|00|U|00|S|00|B|00|"; reference:md5,dd141287cb45a2067592eeb9d3aa7162; classtype:trojan-activity; sid:2018645; rev:2; metadata:created_at 2014_07_07, former_category MALWARE, updated_at 2014_07_07;)

Added 2020-08-05 19:09:55 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 1433 (msg:"ET TROJAN TrojanSpy.Win32/Banker.AMB SQL Checkin"; flow:established,to_server; content:"I|00|N|00|S|00|E|00|R|00|T"; content:"I|00|N|00|T|00|O"; distance:0; content:"B|00|R|00|O|00|W|00|S|00|E|00|R|00|L|00|O|00|G|00|U|00|S|00|B|00|"; metadata: former_category MALWARE; reference:md5,dd141287cb45a2067592eeb9d3aa7162; classtype:trojan-activity; sid:2018645; rev:2; metadata:created_at 2014_07_07, updated_at 2014_07_07;)

Added 2019-09-26 19:57:39 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 1433 (msg:"ET TROJAN TrojanSpy.Win32/Banker.AMB SQL Checkin"; flow:established,to_server; content:"I|00|N|00|S|00|E|00|R|00|T"; content:"I|00|N|00|T|00|O"; distance:0; content:"B|00|R|00|O|00|W|00|S|00|E|00|R|00|L|00|O|00|G|00|U|00|S|00|B|00|"; reference:md5,dd141287cb45a2067592eeb9d3aa7162; classtype:trojan-activity; sid:2018645; rev:2; metadata:created_at 2014_07_07, updated_at 2014_07_07;)

Added 2018-09-13 19:48:56 UTC


Added 2018-09-13 17:58:46 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 1433 (msg:"ET TROJAN TrojanSpy.Win32/Banker.AMB SQL Checkin"; flow:established,to_server; content:"I|00|N|00|S|00|E|00|R|00|T"; content:"I|00|N|00|T|00|O"; distance:0; content:"B|00|R|00|O|00|W|00|S|00|E|00|R|00|L|00|O|00|G|00|U|00|S|00|B|00|"; reference:md5,dd141287cb45a2067592eeb9d3aa7162; classtype:trojan-activity; sid:2018645; rev:2; metadata:created_at 2014_07_07, updated_at 2014_07_07;)

Added 2017-08-07 21:12:45 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 1433 (msg:"ET TROJAN TrojanSpy.Win32/Banker.AMB SQL Checkin"; flow:established,to_server; content:"I|00|N|00|S|00|E|00|R|00|T"; content:"I|00|N|00|T|00|O"; distance:0; content:"B|00|R|00|O|00|W|00|S|00|E|00|R|00|L|00|O|00|G|00|U|00|S|00|B|00|"; reference:md5,dd141287cb45a2067592eeb9d3aa7162; classtype:trojan-activity; sid:2018645; rev:2;)

Added 2014-07-07 16:58:57 UTC


Topic revision: r1 - 2020-11-21 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats