ET MALWARE WindowsEnterpriseSuite FakeAV get_product_domains.php

7.0.35.0SID: 2010242Rev: 7Enabled5 views
Sourceet/open
Fileemerging-malware.rules
CreatedJuly 30, 2010
UpdatedApril 13, 2024
Classificationtrojan-activity
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE WindowsEnterpriseSuite FakeAV get_product_domains.php"; flow:established,to_server; http.method; content:"GET"; startswith; http.uri; content:"/reports/get_product_domains.php?abbr="; content:"&pid="; reference:md5,d9bcb4e4d650a6ed4402fab8f9ef1387; classtype:trojan-activity; sid:2010242; rev:7; metadata:created_at 2010_07_30, signature_severity Major, updated_at 2024_04_13;)

References

md5
d9bcb4e4d650a6ed4402fab8f9ef1387

Metadata

created at2010_07_30
signature severityMajor
updated at2024_04_13

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!