ET MALWARE Infostealer.KLPROXY Checkin via SMTP
Sourceet/open
Fileemerging-malware.rules
CreatedJuly 29, 2014
UpdatedMarch 6, 2024
Classificationcommand-and-control
alert tcp $HOME_NET any -> $EXTERNAL_NET [25,587] (msg:"ET MALWARE Infostealer.KLPROXY Checkin via SMTP"; flow:established,to_server ; content:"Subject|3a|"; content:"C-H-E-G-O A-V-I-S-O! |2e 3a 3a|Infect|3a 3a 2e|"; distance:5; within:33; reference:md5,422ce789b284eb5aa32124a6bbe86000 ; classtype:command-and-control; sid:2018798; rev:3; metadata:created_at 2014_07_29, signature_severity Major, updated_at 2024_03_06;)
References
| md5 | 422ce789b284eb5aa32124a6bbe86000 |
Metadata
created at2014_07_29
signature severityMajor
updated at2024_03_06
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!