ET MALWARE Troj/ReRol.A Checkin 1
Sourceet/open
Fileemerging-malware.rules
CreatedJuly 14, 2014
UpdatedApril 7, 2024
Classificationcommand-and-control
alert http1 $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Troj/ReRol.A Checkin 1"; flow:established,to_server ; urilen:18; http.method; content:"POST"; http.uri; content:"/project/check.asp"; fast_pattern; http.user_agent; bsize:25; content:"Mozilla/4.0|20 28|compatible|3b|)"; http.header_names; content:"Content-Length|0d 0a|"; content:"User-Agent|0d 0a|"; distance:0; content:!"Referer|0d 0a|"; reference:url,blog.cassidiancybersecurity.com/post/2014/07/The-Eye-of-the-Tiger2 ; reference:md5,12854bb8d1e6a590e1bd578267e4f8c9 ; classtype:command-and-control; sid:2018882; rev:8; metadata:created_at 2014_07_14, signature_severity Major, updated_at 2024_04_07;)
References
| url | blog.cassidiancybersecurity.com/post/2014/07/The-Eye-of-the-Tiger2 |
| md5 | 12854bb8d1e6a590e1bd578267e4f8c9 |
Metadata
created at2014_07_14
signature severityMajor
updated at2024_04_07
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!