ET MALWARE Possible Stitur Secondary Download
Sourceet/open
Fileemerging-malware.rules
CreatedNovember 9, 2013
UpdatedApril 7, 2024
Classificationtrojan-activity
alert http1 $EXTERNAL_NET any -> $HOME_NET any (msg:"ET MALWARE Possible Stitur Secondary Download"; flow:established,to_client ; http.header; content:".file|0d 0a|"; fast_pattern; content:"Content-Description|3a 20|File Transfer|0d 0a|"; content:"Content-Transfer-Encoding|3a 20|binary|0d 0a|"; pcre:"/filename=[a-f0-9]{13}\.file\r\n/"; classtype:trojan-activity; sid:2017700; rev:7; metadata:created_at 2013_11_09, confidence Medium, signature_severity Major, updated_at 2024_04_07;)
Metadata
created at2013_11_09
confidenceMedium
signature severityMajor
updated at2024_04_07
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!