Rule History

SID: 2018333 • Source: et/open

Versions (4)

Version DetailsCurrent

Rev: 6 • Mar 28, 2014, 12:00 PM

Message:

ET ADWARE_PUP W32/Amonetize.Downloader Executable Download Request

Rule:

alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET ADWARE_PUP W32/Amonetize.Downloader Executable Download Request"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/bundle/"; content:"/?p="; http.user_agent; content:"zz_afi"; depth:6; reference:md5,23246f740cffc0bd9eb5be2e7703568a; classtype:pup-activity; sid:2018333; rev:6; metadata:created_at 2014_03_28, signature_severity Minor, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_08_31;)

Created:

Mar 28, 2014, 12:00 PM

Updated:

Aug 31, 2020, 12:00 PM

DB Created:

Mar 28, 2014, 12:00 PM

DB Updated:

Oct 1, 2025, 9:34 PM

Filename:

rules/emerging-adware_pup.rules