ET EXPLOIT_KIT Possible Red Dot Exploit Kit Single Character JAR Request
Sourceet/open
Fileemerging-exploit_kit.rules
CreatedJanuary 24, 2013
UpdatedApril 12, 2024
Classificationexploit-kit
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET EXPLOIT_KIT Possible Red Dot Exploit Kit Single Character JAR Request"; flow:established,to_server ; urilen:6; http.uri; content:"/"; startswith; content:".jar"; distance:1; within:4; endswith; pcre:"/^\/[a-z]\.jar$/"; reference:url,malware.dontneedcoffee.com/ ; classtype:exploit-kit; sid:2016254; rev:4; metadata:created_at 2013_01_24, confidence Medium, signature_severity Major, updated_at 2024_04_12;)
References
Metadata
created at2013_01_24
confidenceMedium
signature severityMajor
updated at2024_04_12
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!