ET MALWARE Win32/Htbot.B Checkin

7.0.35.0SID: 2020089Rev: 8Enabled1 views
Sourceet/open
Fileemerging-malware.rules
CreatedJanuary 5, 2015
UpdatedMarch 27, 2024
Classificationcommand-and-control
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Win32/Htbot.B Checkin"; flow:established,to_server; http.uri; content:".php?command="; fast_pattern; pcre:"/\.php\?command=(?:g(?:hl|et(?:ip|id|backconnect))|update2?|dl|log)(?:$|&)/"; http.user_agent; bsize:2; content:"pb"; reference:md5,bdd2328d466e563a650bb7ccdb9aca79; reference:md5,ba1404af71ecf3ca8b0e30a2b365f6fd; reference:url,www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Backdoor%3AWin32%2FHtbot.B; classtype:command-and-control; sid:2020089; rev:8; metadata:created_at 2015_01_05, malware_family Win32_Htbot_B, signature_severity Major, updated_at 2024_03_27;)

Metadata

created at2015_01_05
malware familyWin32_Htbot_B
signature severityMajor
updated at2024_03_27

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!