Versions (3)
Version DetailsCurrent
Rev: 4 • Feb 24, 2012, 12:00 PMET MALWARE Trustezeb Checkin to CnC
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Trustezeb Checkin to CnC"; flow:established,to_server; http.uri; content:".php?id="; content:"&stat="; fast_pattern; distance:0; pcre:"/id=[A-F0-9]{20}/"; http.user_agent; content:"Mozilla/4.0 (compatible|3b 20|MSIE 6.0b|3b 20|Windows NT 5.0|3b 20|.NET CLR 1.0.2914)"; startswith; reference:url,www.mysonicwall.com/sonicalert/searchresults.aspx?ev=article&id=417; classtype:command-and-control; sid:2014283; rev:4; metadata:created_at 2012_02_24, signature_severity Major, updated_at 2020_04_21;)
Feb 24, 2012, 12:00 PM
Apr 21, 2020, 12:00 PM
Feb 24, 2012, 12:00 PM
Sep 10, 2024, 1:01 PM
rules/emerging-malware.rules