ET PHISHING W3LL STORE Credential Phish Landing Page (Capt) 2023-05-05

7.0.35.0SID: 2045608Rev: 2Enabled5 views
Sourceet/open
Fileemerging-phishing.rules
CreatedMay 5, 2023
UpdatedMay 5, 2023
Classificationcredential-theft
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET PHISHING W3LL STORE Credential Phish Landing Page (Capt) 2023-05-05"; file.data; content:"function(_0x4461d6,_0x85069)"; fast_pattern; content:"bot|20 3d 20|isBot|28 29 3b|"; distance:0; content:"var|20|hash|20 3d 20|location|2e|hash|2e|substr|28|1|29 3b|"; distance:0; content:"window|2e|location|2e|href|20 3d 20 27|verify|3f|"; distance:0; content:"|26|data|3d 27 2b|hash|3b|"; distance:0; classtype:credential-theft; sid:2045608; rev:2; metadata:attack_target Client_Endpoint, created_at 2023_05_05, deployment Perimeter, deployment SSLDecrypt, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2023_05_05, reviewed_at 2025_03_14;)

Metadata

attack targetClient_Endpoint
created at2023_05_05
deploymentSSLDecrypt
confidenceHigh
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2023_05_05
reviewed at2025_03_14

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!