ET EXPLOIT_KIT KaiXin Secondary Landing Page

7.0.35.0SID: 2021292Rev: 6Enabled0 views
Sourceet/open
Fileemerging-exploit_kit.rules
CreatedJune 18, 2015
UpdatedApril 6, 2024
Classificationexploit-kit
alert http1 $HOME_NET any -> $EXTERNAL_NET any (msg:"ET EXPLOIT_KIT KaiXin Secondary Landing Page"; flow:established,to_server; http.uri; content:"/win.html"; fast_pattern; pcre:"/\/win\.html$/"; http.header; pcre:"/Referer\x3a\x20http\x3a\x2f+(?P<refhost>[^\x3a\x2f\r\n]+)(?:\x3a\d{1,5})?[^\r\n]*?\/(?:index.html)?\r\n.*?\r\nHost\x3a\x20(?P=refhost)[\x3a\r]/si"; classtype:exploit-kit; sid:2021292; rev:6; metadata:created_at 2015_06_18, signature_severity Major, updated_at 2024_04_06;)

Metadata

created at2015_06_18
signature severityMajor
updated at2024_04_06

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!