Versions (3)
Version DetailsCurrent
Rev: 8 • Sep 6, 2011, 12:00 PMET ADWARE_PUP Win32/Adware.Kraddare.FJ Checkin
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET ADWARE_PUP Win32/Adware.Kraddare.FJ Checkin"; flow:to_server,established; http.uri; content:".php?pi="; fast_pattern; content:"&gu="; content:"&ac="; http.user_agent; content:"Mozilla/4.0(compatible|3b 20|MSIE 6.0)"; bsize:33; classtype:pup-activity; sid:2013540; rev:8; metadata:created_at 2011_09_06, signature_severity Minor, updated_at 2020_10_12;)
Sep 6, 2011, 12:00 PM
Oct 12, 2020, 12:00 PM
Sep 6, 2011, 12:00 PM
Sep 10, 2024, 1:01 PM
rules/emerging-adware_pup.rules