ET INFO Possible Windows Binary Observed in SSL/TLS Certificate

7.0.35.0SID: 2025315Rev: 4Enabled1 views
Sourceet/open
Fileemerging-info.rules
CreatedFebruary 6, 2018
UpdatedMarch 27, 2024
Classificationmisc-attack
alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET INFO Possible Windows Binary Observed in SSL/TLS Certificate"; flow:established,to_client; tls.certs; bsize:>768; content:"This program cannot be run in DOS mode"; nocase; reference:url,www.fidelissecurity.com/threatgeek/2018/02/exposing-x509-vulnerabilities; classtype:misc-attack; sid:2025315; rev:4; metadata:attack_target Client_Endpoint, created_at 2018_02_06, deployment Perimeter, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_27;)

Metadata

attack targetClient_Endpoint
created at2018_02_06
deploymentPerimeter
confidenceMedium
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2024_03_27

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!