ET MALWARE Lurk Click fraud Template Request
Sourceet/open
Fileemerging-malware.rules
CreatedAugust 12, 2014
UpdatedApril 7, 2024
Classificationtrojan-activity
alert http1 $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Lurk Click fraud Template Request"; flow:established,to_server ; http.request_line; content:"GET /log/"; fast_pattern; startswith; http.uri; content:"/?id="; pcre:"/^\/log\/[0-9]+\/[0-9]+\/\?id=[0-9]+$/"; http.header_names; content:!"User-Agent|0d 0a|"; content:!"Referer|0d 0a|"; content:"Host|0d 0a|"; reference:url,secureworks.com/cyber-threat-intelligence/threats/malware-analysis-of-the-lurk-downloader/ ; classtype:trojan-activity; sid:2018927; rev:5; metadata:created_at 2014_08_12, signature_severity Major, updated_at 2024_04_07;)
References
Metadata
created at2014_08_12
signature severityMajor
updated at2024_04_07
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!