Versions (3)
Version DetailsCurrent
Rev: 8 • May 5, 2014, 12:00 PMET MALWARE Potential Sefnit C2 traffic (from server)
alert tcp any 443 -> any any (msg:"ET MALWARE Potential Sefnit C2 traffic (from server)"; flow: from_server,established; content:"SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1"; classtype:command-and-control; sid:2018449; rev:8; metadata:created_at 2014_05_05, signature_severity Major, updated_at 2019_07_26;)
May 5, 2014, 12:00 PM
Jul 26, 2019, 12:00 PM
May 5, 2014, 12:00 PM
Sep 10, 2024, 1:01 PM
rules/emerging-malware.rules