ET MALWARE Tatanga/Win32.Kexject.A Checkin

7.0.35.0SID: 2013819Rev: 8Enabled0 views
Sourceet/open
Fileemerging-malware.rules
CreatedNovember 2, 2011
UpdatedMay 2, 2024
Classificationcommand-and-control
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Tatanga/Win32.Kexject.A Checkin"; flow:established,to_server; http.method; content:"POST"; nocase; http.uri; content:".php"; http.header_names; to_lowercase; content:!"|0d 0a|user-agent|0d 0a|"; http.request_body; content:"|CE FA AD DE 03 00|"; startswith; reference:url,securityblog.s21sec.com/2011/02/tatanga-new-banking-trojan-with-mitb.html; classtype:command-and-control; sid:2013819; rev:8; metadata:created_at 2011_11_02, confidence Medium, signature_severity Major, updated_at 2024_05_02;)

Metadata

created at2011_11_02
confidenceMedium
signature severityMajor
updated at2024_05_02

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!