ET MALWARE njrat ver 0.7d Malware CnC Callback (Remote Shell)
Sourceet/open
Fileemerging-malware.rules
CreatedSeptember 23, 2014
UpdatedMarch 6, 2024
Classificationcommand-and-control
alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE njrat ver 0.7d Malware CnC Callback (Remote Shell)"; flow:established,to_server ; content:"|00|rs|7c 27 7c 27 7c|"; nocase; fast_pattern; pcre:"/^\d{1,6}\x00rs\x7c/i" ; reference:md5,bbc68c34bb2dac3ae382ecf785bdb441 ; classtype:command-and-control; sid:2019217; rev:4; metadata:created_at 2014_09_23, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_06;)
References
| md5 | bbc68c34bb2dac3ae382ecf785bdb441 |
Metadata
created at2014_09_23
confidenceMedium
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2024_03_06
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!