ET MALWARE Win32/Injector.MUD Variant Reporting
Sourceet/open
Fileemerging-malware.rules
CreatedJanuary 11, 2012
UpdatedApril 8, 2024
Classificationtrojan-activity
alert http1 $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Win32/Injector.MUD Variant Reporting"; flow:established,to_server ; http.method; content:"GET"; nocase; http.uri; content:"/total_visitas.php"; fast_pattern; http.start; content:".php HTTP/1.1|0d 0a|Host|3a 20|"; http.header_names; content:!"User-Agent|0d 0a|"; reference:url,microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Trojan%3aWin32/Dynamer!dtc ; reference:md5,989ba48e0a9e39b4b6fc5c6bf400c41b ; classtype:trojan-activity; sid:2014113; rev:7; metadata:created_at 2012_01_11, malware_family Win32_Injector_MUD, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_04_08;)
References
| url | microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Trojan%3aWin32/Dynamer!dtc |
| md5 | 989ba48e0a9e39b4b6fc5c6bf400c41b |
Metadata
created at2012_01_11
malware familyWin32_Injector_MUD
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2024_04_08
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!