ET MALWARE Rogue A/V Win32/FakeXPA GET Request

7.0.35.0SID: 2009209Rev: 6Disabled2 views
Sourceet/open
Fileemerging-malware.rules
CreatedJuly 30, 2010
UpdatedMarch 16, 2024
Classificationtrojan-activity
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Rogue A/V Win32/FakeXPA GET Request"; flow:established,to_server; http.uri; content:"?campaign="; content:"&country="; content:"&counter="; content:"&campaign="; content:"&landid="; fast_pattern; classtype:trojan-activity; sid:2009209; rev:6; metadata:created_at 2010_07_30, malware_family Win32_FakeXPA, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_16;)

Metadata

created at2010_07_30
malware familyWin32_FakeXPA
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2024_03_16

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!