alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET TROJAN Possible Office Doc with Embedded VBA containing Reverse Meterpreter Shell"; flow:established,from_server; flowbits:isset,et.DocVBAProject; file_data; content:"windows/meterpreter/reverse_"; nocase; reference:url,github.com/enigma0x3/Generate-Macro/blob/master/Generate-Macro.ps1; classtype:trojan-activity; sid:2020170; rev:2; metadata:created_at 2015_01_12, former_category MALWARE, updated_at 2015_01_12;)

Added 2020-12-15 18:45:11 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET TROJAN Possible Office Doc with Embedded VBA containing Reverse Meterpreter Shell"; flow:established,from_server; flowbits:isset,et.DocVBAProject; file_data; content:"windows/meterpreter/reverse_"; nocase; reference:url,github.com/enigma0x3/Generate-Macro/blob/master/Generate-Macro.ps1; classtype:trojan-activity; sid:2020170; rev:2; metadata:created_at 2015_01_12, updated_at 2015_01_12;)

Added 2018-09-13 19:50:18 UTC


Added 2018-09-13 17:59:34 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET TROJAN Possible Office Doc with Embedded VBA containing Reverse Meterpreter Shell"; flow:established,from_server; flowbits:isset,et.DocVBAProject; file_data; content:"windows/meterpreter/reverse_"; nocase; reference:url,github.com/enigma0x3/Generate-Macro/blob/master/Generate-Macro.ps1; classtype:trojan-activity; sid:2020170; rev:2; metadata:created_at 2015_01_12, updated_at 2015_01_12;)

Added 2017-08-07 21:14:35 UTC


Topic revision: r1 - 2020-12-15 - TWikiGuest
 
Copyright © Emerging Threats