ET PHISHING APT SWC PluginDetect Landing Cookie 2015-10-15
Sourceet/open
Fileemerging-phishing.rules
CreatedOctober 15, 2015
UpdatedMarch 7, 2024
Classificationtargeted-activity
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET PHISHING APT SWC PluginDetect Landing Cookie 2015-10-15"; flow:established,to_client ; http.start; content:"Cookie|3a 20|PNPSESSID="; fast_pattern; file.data; content:"SharePoint.OpenDocuments.5"; classtype:targeted-activity; sid:2031893; rev:6; metadata:created_at 2015_10_15, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_07;)
Metadata
created at2015_10_15
confidenceMedium
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2024_03_07
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!