ET MALWARE MSIL/Crimson Receiving Command (folders list)

7.0.35.0SID: 2036284Rev: 4Enabled1 views
Sourceet/open
Fileemerging-malware.rules
CreatedFebruary 17, 2016
UpdatedMarch 8, 2024
Classificationtrojan-activity
alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET MALWARE MSIL/Crimson Receiving Command (folders list)"; flow:established,to_client; content:"fldr="; offset:5; byte_jump:4,0,little,from_beginning,post_offset 4; isdataat:!2,relative; reference:md5,94d29dded4dfd920fc4153f18e82fc6c; classtype:trojan-activity; sid:2036284; rev:4; metadata:created_at 2016_02_17, malware_family MSIL_Crimson, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)

References

md5
94d29dded4dfd920fc4153f18e82fc6c

Metadata

created at2016_02_17
malware familyMSIL_Crimson
confidenceHigh
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2024_03_08

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!