Versions (2)
Version DetailsCurrent
Rev: 4 • Jul 30, 2010, 12:00 PMET MALWARE Shark Pass Stealer Email Report
alert tcp $HOME_NET any -> $EXTERNAL_NET 25 (msg:"ET MALWARE Shark Pass Stealer Email Report"; flow:established,to_server; content:"|0d 0a|Subject|3a| Codesoft PW Stealer "; content:"|0d 0a 0d 0a|Codesoft PW Stealer File "; distance:0; content:"filename=|22|"; distance:0; content:".log|22 0d 0a|"; within:20; classtype:trojan-activity; sid:2007992; rev:4; metadata:created_at 2010_07_30, signature_severity Major, updated_at 2020_08_19;)
Jul 30, 2010, 12:00 PM
Aug 19, 2020, 12:00 PM
Jul 30, 2010, 12:00 PM
Sep 10, 2024, 1:01 PM
rules/emerging-malware.rules