AT related malicious URL (bradesco-portalagil .info/chegando .php?token=202372742069fdd18a59f6e1 .34109423&\;h=8d4f4aadcf62cab74ea75aa5fb16e58a20a8d92bff92792c9fd456703ddc9e75)
Sourcejulioliraup/antiphishing
Fileantiphishing.rules
CreatedMay 22, 2026
UpdatedJune 25, 2026
Classificationsocial-engineering
alert http $HOME_NET any -> any any (msg:"AT related malicious URL (bradesco-portalagil .info/chegando .php?token=202372742069fdd18a59f6e1 .34109423&\;h=8d4f4aadcf62cab74ea75aa5fb16e58a20a8d92bff92792c9fd456703ddc9e75)" ; flow:established,to_server ; http.uri; content:"/chegando.php?token=202372742069fdd18a59f6e1.34109423&|3b|h=8d4f4aadcf62cab74ea75aa5fb16e58a20a8d92bff92792c9fd456703ddc9e75"; startswith; fast_pattern; http.host; content:"bradesco-portalagil.info"; endswith; reference:url,phishstats.info ; reference:url,github.com/julioliraup/Antiphishing ; reference:url,julioliraup.github.io/AT/signature.html?sid=6000957 ; classtype:social-engineering; sid:6000957; rev:2; metadata:signature_severity Major, created_et 2026_05_11, updated_et 2026_06_25;)
References
Metadata
signature severityMajor
created et2026_05_11
updated et2026_06_25
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!