ET MOBILE_MALWARE Android/DwnlAPK-A Configuration File Request
Sourceet/open
Fileemerging-mobile_malware.rules
CreatedFebruary 5, 2014
UpdatedMarch 24, 2024
Classificationtrojan-activity
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MOBILE_MALWARE Android/DwnlAPK-A Configuration File Request"; flow:established,to_server ; http.uri; content:"/iconfig.txt"; fast_pattern; http.user_agent; bsize:24; content:"Mozilla/4.0 (compatible)"; reference:url,nakedsecurity.sophos.com/2014/01/31/android-banking-malware-with-a-twist-in-the-delivery/ ; classtype:trojan-activity; sid:2018071; rev:4; metadata:affected_product Android, attack_target Client_Endpoint, created_at 2014_02_05, deployment Perimeter, signature_severity Critical, tag Android, updated_at 2024_03_24;)
References
Metadata
affected productAndroid
attack targetClient_Endpoint
created at2014_02_05
deploymentPerimeter
signature severityCritical
tagAndroid
updated at2024_03_24
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!