ET SHELLCODE JavaScript Redefinition of a HeapLib Object - Likely Malicious Heap Spray Attempt
Sourceet/open
Fileemerging-shellcode.rules
CreatedJune 30, 2011
UpdatedApril 9, 2024
Classificationshellcode-detect
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET SHELLCODE JavaScript Redefinition of a HeapLib Object - Likely Malicious Heap Spray Attempt"; flow:established,to_client ; file.data; content:"heap|2E|"; nocase; fast_pattern; pcre:"/var\x20[^\n\r]*\x3D[^\n\r]*heap\x2E/smi"; classtype:shellcode-detect; sid:2013148; rev:4; metadata:created_at 2011_06_30, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_04_09;)
Metadata
created at2011_06_30
confidenceHigh
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2024_04_09
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!