ET MALWARE Win32/Zeprox.B Checkin

7.0.35.0SID: 2020203Rev: 10Enabled2 views
Sourceet/open
Fileemerging-malware.rules
CreatedJanuary 16, 2015
UpdatedApril 28, 2024
Classificationcommand-and-control
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Win32/Zeprox.B Checkin"; flow:established,to_server; http.method; content:"GET"; http.uri; content:".php?a=n|60|e|3e|"; fast_pattern; http.header_names; to_lowercase; content:!"|0d 0a|referer|0d 0a|"; content:"|0d 0a|proxy-connection|0d 0a|"; http.content_len; byte_test:0,=,0,0,string,dec; reference:md5,bc27f28e5fe47b78202fd3108d39aac1; reference:md5,38c89cca7806fde08bba82b3cb533e5a; reference:url,www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=Backdoor%3AWin32/Zeprox.B; classtype:command-and-control; sid:2020203; rev:10; metadata:created_at 2015_01_16, malware_family Win32_Zeprox_B, signature_severity Major, updated_at 2024_04_28;)

Metadata

created at2015_01_16
malware familyWin32_Zeprox_B
signature severityMajor
updated at2024_04_28

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!