Rule History

alert tcp $HOME_NET any -> $EXTERNAL_NET 25 (msg:"ET DELETED Win32.SMTP-Mailer SMTP Outbound"; flow:to_server,established; content:"Subject|3a 20 3a 20|ZOMBIE"; nocase; content:"X-Library|3a| Indy 9.00.10"; nocase; distance:0; reference:url,research.sunbelt-software.com/threatdisplay.aspx?name=Win32.SMTP-Mailer&threatid=48095; reference:url,www.hauri.net/virus/virusinfo_read.php?code=TRW3000774&start=1; classtype:trojan-activity; sid:2003041; rev:7; metadata:created_at 2010_07_30, signature_severity Unknown, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)