alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN W32/Virus-Encoder Ransomware Checkin"; flow:established,to_server; content:"POST"; http_method; content:"submit=submit&id="; http_client_body; fast_pattern; content:"&guid="; http_client_body; content:"&pc="; http_client_body; content:"&mail="; http_client_body; content:!"Referer|3a|"; http_header; content:!"User-Agent|3a|"; http_header; metadata: former_category MALWARE; reference:md5,57a69d5130d32da0a278c72137ca58ee; classtype:trojan-activity; sid:2022737; rev:3; metadata:created_at 2016_04_15, updated_at 2020_06_30;)

Added 2020-06-30 18:28:25 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN W32/Virus-Encoder Ransomware Checkin"; flow:established,to_server; content:"POST"; http_method; content:"submit=submit&id="; http_client_body; fast_pattern; content:"&guid="; http_client_body; content:"&pc="; http_client_body; content:"&mail="; http_client_body; content:!"Referer|3a|"; http_header; content:!"User-Agent|3a|"; http_header; metadata: former_category MALWARE; reference:md5,57a69d5130d32da0a278c72137ca58ee; classtype:trojan-activity; sid:2022737; rev:3; metadata:created_at 2016_04_15, updated_at 2016_04_15;)

Added 2019-09-26 19:58:08 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN W32/Virus-Encoder Ransomware Checkin"; flow:established,to_server; content:"POST"; http_method; content:"submit=submit&id="; http_client_body; fast_pattern; content:"&guid="; http_client_body; content:"&pc="; http_client_body; content:"&mail="; http_client_body; content:!"Referer|3a|"; http_header; content:!"User-Agent|3a|"; http_header; reference:md5,57a69d5130d32da0a278c72137ca58ee; classtype:trojan-activity; sid:2022737; rev:3; metadata:created_at 2016_04_15, updated_at 2016_04_15;)

Added 2018-09-13 19:52:30 UTC


Added 2018-09-13 18:00:52 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN W32/Virus-Encoder Ransomware Checkin"; flow:established,to_server; content:"POST"; http_method; content:"submit=submit&id="; http_client_body; fast_pattern; content:"&guid="; http_client_body; content:"&pc="; http_client_body; content:"&mail="; http_client_body; content:!"Referer|3a|"; http_header; content:!"User-Agent|3a|"; http_header; reference:md5,57a69d5130d32da0a278c72137ca58ee; classtype:trojan-activity; sid:2022737; rev:3; metadata:created_at 2016_04_15, updated_at 2016_04_15;)

Added 2017-08-07 21:17:42 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN W32/Virus-Encoder Ransomware Checkin"; flow:established,to_server; content:"POST"; http_method; content:"submit=submit&id="; http_client_body; fast_pattern; content:"&guid="; http_client_body; content:"&pc="; http_client_body; content:"&mail="; http_client_body; content:!"Referer|3a|"; http_header; content:!"User-Agent|3a|"; http_header; reference:md5,57a69d5130d32da0a278c72137ca58ee; classtype:trojan-activity; sid:2022737; rev:3;)

Added 2016-04-15 17:48:52 UTC


Topic revision: r1 - 2020-06-30 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats