Versions (2)
Version DetailsCurrent
Rev: 13 • May 14, 2013, 12:00 PMET DELETED BlackHole Java Exploit Artifact
alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET DELETED BlackHole Java Exploit Artifact"; flow:established,to_server; content:"/hw.class"; http_uri; content:"Java/1."; http_user_agent; reference:url,vanheusden.com/httping/; classtype:policy-violation; sid:2016848; rev:13; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, created_at 2013_05_14, deployment Perimeter, malware_family Blackhole, signature_severity Critical, tag Blackhole, tag Exploit_Kit, updated_at 2019_07_26;)
May 14, 2013, 12:00 PM
Jul 26, 2019, 12:00 PM
May 14, 2013, 12:00 PM
May 31, 2024, 9:00 PM
rules/emerging-deleted.rules