ET MALWARE Backdoor Win32/Begman.A Checkin
Sourceet/open
Fileemerging-malware.rules
CreatedMay 31, 2011
UpdatedMarch 19, 2024
Classificationbad-unknown
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Backdoor Win32/Begman.A Checkin"; flow:established,to_server ; http.uri; content:".php?v="; fast_pattern; content:"&id="; content:"&wv="; pcre:"/\.php\?v=[A-Za-z0-9.]+&id=-?\d+&wv=[0-9.]{1,14}$/" ; reference:url,support.clean-mx.de/clean-mx/view_joebox.php?md5=2eb07de0ccaed89cd099fe61e6ae689e&id=766255/ ; reference:url,www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Backdoor%3AWin32%2FBegman.A ; reference:url,www.virustotal.com/file-scan/report.html?id=0bb86bf59dd554f98194b23a16b96f873ddab8cbe11de627415ff81facd84f48-1299508248 ; classtype:bad-unknown; sid:2012908; rev:5; metadata:created_at 2011_05_31, malware_family Win32_Begman_A, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_19;)
References
Metadata
created at2011_05_31
malware familyWin32_Begman_A
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2024_03_19
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!