ET EXPLOIT_KIT DRIVEBY [PwC CTD] -- MultiGroup - TH3BUG and Non-Targetted Groups Watering Hole Deobfuscation function
Sourceet/open
Fileemerging-exploit_kit.rules
CreatedFebruary 25, 2015
UpdatedMarch 14, 2024
Classificationexploit-kit
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT_KIT DRIVEBY [PwC CTD] -- MultiGroup - TH3BUG and Non-Targetted Groups Watering Hole Deobfuscation function"; flow:established,to_client ; file.data; content:"Chr(CInt(ns(i)) Xor n)"; reference:url,pwc.blogs.com/cyber_security_updates/2014/10/scanbox-framework-whosaffected-and-whos-using-it-1.html ; classtype:exploit-kit; sid:2020563; rev:5; metadata:affected_product Any, attack_target Client_Endpoint, created_at 2015_02_25, deployment Perimeter, signature_severity Major, tag DriveBy, updated_at 2024_03_14;)
References
Metadata
affected productAny
attack targetClient_Endpoint
created at2015_02_25
deploymentPerimeter
signature severityMajor
tagDriveBy
updated at2024_03_14
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!