Versions (4)
Version DetailsCurrent
Rev: 4 • Feb 29, 2012, 12:00 PMET MALWARE Backdoor.Win32.PEx.942728546 Checkin
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Backdoor.Win32.PEx.942728546 Checkin"; flow:established,to_server; http.uri; content:".com.exe"; fast_pattern; http.user_agent; content:"GetRight/"; depth:9; reference:md5,25e9e3652e567e70fba00c53738bdf74; reference:url,threatcenter.crdf.fr/?More&ID=74977&D=CRDF.Backdoor.Win32.PEx.942728546; classtype:command-and-control; sid:2014290; rev:4; metadata:created_at 2012_02_29, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_10_13;)
Feb 29, 2012, 12:00 PM
Oct 13, 2020, 12:00 PM
Feb 29, 2012, 12:00 PM
Oct 2, 2025, 10:34 PM
rules/emerging-malware.rules