ET MALWARE Possible APT-12 Related C2

7.0.35.0SID: 2017386Rev: 4Enabled0 views
Sourceet/open
Fileemerging-malware.rules
CreatedAugust 28, 2013
UpdatedMarch 6, 2024
Classificationtargeted-activity
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Possible APT-12 Related C2"; flow:established,to_server; http.uri; content:"/url.asp?"; content:"-ShowNewsID-"; fast_pattern; distance:0; pcre:"/=[A-Za-z0-9\/\+]+={0,2}$/"; reference:url,community.rapid7.com/community/infosec/blog/2013/08/26/upcoming-g20-summit-fuels-espionage-operations; classtype:targeted-activity; sid:2017386; rev:4; metadata:created_at 2013_08_28, confidence Medium, signature_severity Major, updated_at 2024_03_06;)

Metadata

created at2013_08_28
confidenceMedium
signature severityMajor
updated at2024_03_06

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!