ET MALWARE Potential-Hiloti/FakeAV site access
Sourceet/open
Fileemerging-malware.rules
CreatedOctober 6, 2010
UpdatedMarch 17, 2024
Classificationtrojan-activity
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Potential-Hiloti/FakeAV site access"; flow:established,to_server ; http.uri; content:"?p=p52dcW"; fast_pattern; pcre:"/\/\?p=p52dcW[A-Za-z]{4}/"; classtype:trojan-activity; sid:2011591; rev:6; metadata:created_at 2010_10_06, signature_severity Major, updated_at 2024_03_17;)
Metadata
created at2010_10_06
signature severityMajor
updated at2024_03_17
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!