Versions (3)
Version DetailsCurrent
Rev: 8 • Jun 12, 2014, 12:00 PMET ADWARE_PUP PUP Win32.SoftPulse Checkin
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET ADWARE_PUP PUP Win32.SoftPulse Checkin"; flow:established, to_server; http.method; content:"POST"; http.user_agent; content:"NSIS_Inetc (Mozilla|29|"; depth:20; http.request_body; content:"|7b 22|event_type|22 3a 22|SPidentifier|22 2c 20 22|environment|22 3a 22|"; depth:45; content:"|22|machine_ID|22 3a 22|"; distance:0; reference:md5,9aa08a2700074c7a8a81e49dc8396e00; reference:md5,50f1fc1085f18a25c09c08566fc1a457; classtype:pup-activity; sid:2018557; rev:8; metadata:created_at 2014_06_12, signature_severity Minor, updated_at 2020_08_31;)
Jun 12, 2014, 12:00 PM
Aug 31, 2020, 12:00 PM
Jun 12, 2014, 12:00 PM
Sep 10, 2024, 1:01 PM
rules/emerging-adware_pup.rules