ET EXPLOIT Obfuscated Base64 in Javascript probably Scalaxy exploit kit
Sourceet/open
Fileemerging-exploit.rules
CreatedDecember 13, 2011
UpdatedApril 8, 2024
Classificationexploit-kit
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT Obfuscated Base64 in Javascript probably Scalaxy exploit kit"; flow:established,to_client ; file.data; content:!"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; content:"|2b 2f 3d 22 3b|"; fast_pattern; content:"<<18|7c|"; within:500; content:"<<12|7c|"; within:13; content:"<<6|7c|"; within:13; classtype:exploit-kit; sid:2014027; rev:4; metadata:created_at 2011_12_13, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_04_08, mitre_tactic_id TA0005, mitre_tactic_name Defense_Evasion, mitre_technique_id T1027, mitre_technique_name Obfuscated_Files_or_Information;)
Metadata
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!