Versions (4)
Version DetailsCurrent
Rev: 2 • Aug 31, 2011, 12:00 PMET RETIRED W32/Badlib Connectivity Check To Department of Defense Intelligence Information Systems
alert tcp $HOME_NET any -> 11.11.11.11 55611 (msg:"ET RETIRED W32/Badlib Connectivity Check To Department of Defense Intelligence Information Systems"; flow:to_server; flags:S; reference:url,blog.eset.com/2011/08/03/win32delf-qcztrust-me-i%E2%80%99m-your-anti-virus; reference:url,www.eset.com/about/blog/blog/article/win32delf-qcz-additional-details; classtype:trojan-activity; sid:2013506; rev:2; metadata:created_at 2011_08_31, former_category MALWARE, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_12_03;)
Aug 31, 2011, 12:00 PM
Dec 3, 2024, 12:00 PM
Sep 21, 2024, 3:00 AM
Nov 10, 2025, 10:34 PM
rules/emerging-retired.rules