ET MALWARE Mirage Campaign checkin
Sourceet/open
Fileemerging-malware.rules
CreatedSeptember 19, 2012
UpdatedApril 12, 2024
Classificationcommand-and-control
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Mirage Campaign checkin"; flow:established,to_server ; http.method; content:"POST"; http.uri; content:"/result?hl="; startswith; content:"&meta="; distance:0; http.request_body; content:"Mjtdkj"; fast_pattern; startswith; reference:md5,ce1cdc9c95a6808945f54164b2e4d9d2 ; reference:url,secureworks.com/research/threats/the-mirage-campaign/ ; classtype:command-and-control; sid:2015714; rev:4; metadata:created_at 2012_09_19, signature_severity Major, updated_at 2024_04_12;)
References
| md5 | ce1cdc9c95a6808945f54164b2e4d9d2 |
| url | secureworks.com/research/threats/the-mirage-campaign/ |
Metadata
created at2012_09_19
signature severityMajor
updated at2024_04_12
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!