ET MALWARE CFR DRIVEBY CVE-2012-4792 DNS Query for C2 domain
Sourceet/open
Fileemerging-malware.rules
CreatedDecember 30, 2012
UpdatedApril 13, 2024
Classificationcommand-and-control
alert dns $HOME_NET any -> any any (msg:"ET MALWARE CFR DRIVEBY CVE-2012-4792 DNS Query for C2 domain"; dns.query; content:"provide.yourtrap.com"; startswith; fast_pattern; nocase; endswith; reference:cve,2012-4792 ; reference:url,github.com/rapid7/metasploit-framework/commit/6cb9106218bde56fc5e8d72c66fbba9f11c24449 ; reference:url,eromang.zataz.com/2012/12/29/attack-and-ie-0day-informations-used-against-council-on-foreign-relations/ ; classtype:command-and-control; sid:2016135; rev:7; metadata:affected_product Any, attack_target Client_Endpoint, created_at 2012_12_30, cve CVE_2012_4792, deployment Perimeter, confidence Medium, signature_severity Major, tag DriveBy, tag CISA_KEV, updated_at 2024_04_13;)
References
Metadata
affected productAny
attack targetClient_Endpoint
created at2012_12_30
deploymentPerimeter
confidenceMedium
signature severityMajor
tagCISA_KEV
updated at2024_04_13
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!