ET MALWARE Delf Checkin via HTTP (5)

7.0.35.0SID: 2008044Rev: 9Enabled2 views
Sourceet/open
Fileemerging-malware.rules
CreatedJuly 30, 2010
UpdatedApril 21, 2020
Classificationcommand-and-control
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Delf Checkin via HTTP (5)"; flow:established,to_server; http.method; content:"POST"; nocase; http.uri; content:".php"; nocase; http.request_body; content:"email="; nocase; content:"&computador="; distance:0; nocase; content:"&nomfile="; distance:0; nocase; content:"&user="; distance:0; nocase; classtype:command-and-control; sid:2008044; rev:9; metadata:created_at 2010_07_30, signature_severity Major, updated_at 2020_04_21;)

Metadata

created at2010_07_30
signature severityMajor
updated at2020_04_21

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!