Versions (3)
Version DetailsCurrent
Rev: 3 • Feb 22, 2013, 12:00 PMET MALWARE WEBC2-CLOVER Download UA
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE WEBC2-CLOVER Download UA"; flow:established,to_server; http.user_agent; content:"Mozilla/5.0 (Windows|3b 20|Windows NT 5.1|3b 20|en-US|3b 20|rv|3a|1.8.0.12) Firefox/1.5.0.12"; fast_pattern; bsize:74; reference:url,www.mandiant.com/apt1; reference:md5,29c691978af80dc23c4df96b5f6076bb; classtype:command-and-control; sid:2016453; rev:3; metadata:created_at 2013_02_22, signature_severity Major, updated_at 2020_04_23;)
Feb 22, 2013, 12:00 PM
Apr 23, 2020, 12:00 PM
Feb 22, 2013, 12:00 PM
Sep 10, 2024, 1:01 PM
rules/emerging-malware.rules