ET MOBILE_MALWARE Android/FakeTimer.A Reporting to CnC
Sourceet/open
Fileemerging-mobile_malware.rules
CreatedJanuary 28, 2012
UpdatedMarch 6, 2024
Classificationcommand-and-control
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MOBILE_MALWARE Android/FakeTimer.A Reporting to CnC"; flow:established,to_server ; http.uri; content:"/send.php?a_id="; content:"&telno="; fast_pattern; content:"&m_addr="; http.user_agent; content:"Android"; reference:url,about-threats.trendmicro.com/Malware.aspx?language=uk&name=ANDROIDOS_FAKETIMER.A ; reference:url,anubis.iseclab.org/?action=result&task_id=1ba82b938005acea4ddefc8eff1f4db06 ; reference:md5,cf9ba4996531d40402efe268c7efda91 ; reference:md5,537f190d3d469ad1f178024940affcb5 ; classtype:command-and-control; sid:2014161; rev:6; metadata:affected_product Android, attack_target Client_Endpoint, created_at 2012_01_28, deployment Perimeter, signature_severity Critical, tag Android, updated_at 2024_03_06;)
References
| url | about-threats.trendmicro.com/Malware.aspx?language=uk&name=ANDROIDOS_FAKETIMER.A |
| url | anubis.iseclab.org/?action=result&task_id=1ba82b938005acea4ddefc8eff1f4db06 |
| md5 | cf9ba4996531d40402efe268c7efda91 |
| md5 | 537f190d3d469ad1f178024940affcb5 |
Metadata
affected productAndroid
attack targetClient_Endpoint
created at2012_01_28
deploymentPerimeter
signature severityCritical
tagAndroid
updated at2024_03_06
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!