Versions (2)
Version DetailsCurrent
Rev: 5 • Jul 5, 2011, 12:00 PMET MOBILE_MALWARE Android.CruseWin Retriving XML File from Hard Coded CnC
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MOBILE_MALWARE Android.CruseWin Retriving XML File from Hard Coded CnC"; flow:established,to_server; flowbits:set,ET.And.CruseWin; flowbits:noalert; http.uri; content:"/flash/test.xml"; fast_pattern; reference:url,www.fortiguard.com/encyclopedia/virus/android_crusewin.a!tr.html; classtype:command-and-control; sid:2013193; rev:5; metadata:affected_product Android, attack_target Client_Endpoint, created_at 2011_07_05, deployment Perimeter, signature_severity Critical, tag Android, updated_at 2020_10_05;)
Jul 5, 2011, 12:00 PM
Oct 5, 2020, 12:00 PM
Jul 5, 2011, 12:00 PM
May 31, 2024, 9:00 PM
rules/emerging-mobile_malware.rules