ET MALWARE Backdoor.Win32/Likseput.A Checkin Windows Vista/7/8
Sourceet/open
Fileemerging-malware.rules
CreatedFebruary 20, 2013
UpdatedApril 7, 2024
Classificationcommand-and-control
alert http1 $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Backdoor.Win32/Likseput.A Checkin Windows Vista/7/8"; flow:established,to_server ; http.header; content:"User-Agent|3a 20|6."; fast_pattern; http.user_agent; content:"6."; startswith; content:"|3a|"; distance:4; within:1; content:"|5c|"; distance:0; pcre:"/^6\.[0-2]\x20\d\d\x3a\d\d\x20/i"; reference:md5,b5e9ce72771217680efaeecfafe3da3f ; reference:md5,4b6f5e62d7913fc1ab6c71b5b909ecbf ; classtype:command-and-control; sid:2016433; rev:8; metadata:created_at 2013_02_20, signature_severity Major, updated_at 2024_04_07;)
References
| md5 | b5e9ce72771217680efaeecfafe3da3f |
| md5 | 4b6f5e62d7913fc1ab6c71b5b909ecbf |
Metadata
created at2013_02_20
signature severityMajor
updated at2024_04_07
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!