Versions (3)
Version DetailsCurrent
Rev: 2 • Jun 12, 2012, 12:00 PMET MALWARE W32/Bakcorox.A ProxyBot CnC Server Connection
alert tcp $HOME_NET any -> $EXTERNAL_NET 443 (msg:"ET MALWARE W32/Bakcorox.A ProxyBot CnC Server Connection"; flow:established,to_server; content:"GET favicon.ico HTTP/1.1"; depth:24; content:"Host|3A 20|bcProxyBot.com"; fast_pattern; distance:0; reference:url,contagioexchange.blogspot.co.uk/2012/06/022-crime-win32bakcoroxa-proxy-bot-web.html; classtype:command-and-control; sid:2014887; rev:2; metadata:created_at 2012_06_12, signature_severity Major, updated_at 2019_07_26;)
Jun 12, 2012, 12:00 PM
Jul 26, 2019, 12:00 PM
Jun 12, 2012, 12:00 PM
Sep 10, 2024, 1:01 PM
rules/emerging-malware.rules