ET MALWARE Suspicious User-Agent (Post)
Sourceet/open
Fileemerging-malware.rules
CreatedMarch 13, 2012
UpdatedMarch 26, 2024
Classificationtrojan-activity
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Suspicious User-Agent (Post)"; flow:established,to_server ; http.uri; content:!"/uup.php"; http.header; content:!".360.cn|0d 0a|"; content:!".360.com|0d 0a|"; content:!".360safe.com|0d 0a|"; http.user_agent; bsize:4; content:"Post"; fast_pattern; classtype:trojan-activity; sid:2014366; rev:10; metadata:affected_product Any, attack_target Client_Endpoint, created_at 2012_03_13, deployment Perimeter, confidence High, signature_severity Major, tag User_Agent, updated_at 2024_03_26;)
Metadata
affected productAny
attack targetClient_Endpoint
created at2012_03_13
deploymentPerimeter
confidenceHigh
signature severityMajor
tagUser_Agent
updated at2024_03_26
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!