Versions (3)
Version DetailsCurrent
Rev: 5 • Oct 6, 2010, 12:00 PMET MALWARE Potential-Hiloti/FakeAV site access
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Potential-Hiloti/FakeAV site access"; flow:established,to_server; content:"?p=p52dcW"; http_uri; pcre:"/\/\?p=p52dcW[A-Za-z]{4}/U"; classtype:trojan-activity; sid:2011591; rev:5; metadata:created_at 2010_10_06, signature_severity Major, updated_at 2022_03_27;)
Oct 6, 2010, 12:00 PM
Mar 27, 2022, 12:00 PM
Sep 21, 2024, 3:00 AM
May 30, 2025, 12:04 AM
rules/emerging-malware.rules