ET MALWARE ELF/Emptiness v2 XOR UDP Flood Command Inbound

7.0.35.0SID: 2027843Rev: 2Enabled1 views
Sourceet/open
Fileemerging-malware.rules
CreatedAugust 9, 2019
UpdatedMarch 7, 2024
Classificationtrojan-activity
alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET MALWARE ELF/Emptiness v2 XOR UDP Flood Command Inbound"; flow:established,to_client; content:"|fe d5 57 68 f0 44 fb|"; depth:7; fast_pattern; pcre:"/^[\x20-\x7e\r\n]{0,13}[^\x20-\x7e\r\n]/"; reference:url,blog.netlab.360.com/emptiness-a-new-evolving-botnet/; classtype:trojan-activity; sid:2027843; rev:2; metadata:affected_product Linux, created_at 2019_08_09, malware_family Emptiness, confidence Medium, signature_severity Major, tag DDoS, updated_at 2024_03_07;)

Metadata

affected productLinux
created at2019_08_09
malware familyEmptiness
confidenceMedium
signature severityMajor
tagDDoS
updated at2024_03_07

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!