ET MALWARE W32/Taidoor.Backdoor Command Request CnC Checkin
Sourceet/open
Fileemerging-malware.rules
CreatedApril 6, 2012
UpdatedMarch 17, 2024
Classificationcommand-and-control
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE W32/Taidoor.Backdoor Command Request CnC Checkin"; flow:established,to_server ; http.uri; content:".php?id="; content:"&ext="; fast_pattern; pcre:"/\x2F[a-z]{5}\x2Ephp\x3Fid\x3D.+[a-f0-9]{12}&ext\x3D/i"; reference:url,www.symantec.com/connect/blogs/trojantaidoor-takes-aim-policy-think-tanks ; classtype:command-and-control; sid:2014528; rev:3; metadata:created_at 2012_04_06, signature_severity Major, updated_at 2024_03_17;)
Metadata
created at2012_04_06
signature severityMajor
updated at2024_03_17
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!