Versions (2)
Version Details: Current
Rev: 3 • Jun 22, 2013, 12:00 PM
ET MALWARE Drive Receiving IP DDoS instructions
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET MALWARE Drive Receiving IP DDoS instructions"; flow:established,to_client; flowbits:isset,ET.Drive.DDoS.Checkin; file_data; content:"-ip "; reference:url,ddos.arbornetworks.com/2013/06/dirtjumpers-ddos-engine-gets-a-tune-up-with-new-drive-variant/; classtype:trojan-activity; sid:2017049; rev:3; metadata:created_at 2013_06_22, signature_severity Major, updated_at 2019_07_26;)
Jun 22, 2013, 12:00 PM
Jul 26, 2019, 12:00 PM
Jun 22, 2013, 12:00 PM
Sep 10, 2024, 1:01 PM
rules/emerging-malware.rules