ET MALWARE Koobface fetch C&C command detected
Sourceet/open
Fileemerging-malware.rules
CreatedJuly 30, 2010
UpdatedMarch 16, 2024
Classificationcommand-and-control
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Koobface fetch C&C command detected"; flow:established,to_server ; http.uri; content:".php"; nocase; http.request_body; content:"f=0&a="; fast_pattern; content:"&v="; content:"&c="; content:"&s="; content:"&l="; content:"&ck="; content:"&c_fb="; content:"&c_ms="; content:"&c_hi="; content:"&c_be="; content:"&c_fr="; content:"&c_yb="; content:"&c_tg="; content:"&c_nl="; content:"&c_fu="; reference:url,us.trendmicro.com/imperia/md/content/us/trendwatch/researchandanalysis/the_20heart_20of_20koobface_final_1_.pdf ; classtype:command-and-control; sid:2010153; rev:7; metadata:created_at 2010_07_30, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_16;)
References
Metadata
created at2010_07_30
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2024_03_16
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!