Versions (3)
Version DetailsCurrent
Rev: 2 • Jul 7, 2014, 12:00 PMET MALWARE TrojanSpy.Win32/Banker.AMB SQL Checkin
alert tcp $HOME_NET any -> $EXTERNAL_NET 1433 (msg:"ET MALWARE TrojanSpy.Win32/Banker.AMB SQL Checkin"; flow:established,to_server; content:"I|00|N|00|S|00|E|00|R|00|T"; content:"I|00|N|00|T|00|O"; distance:0; content:"B|00|R|00|O|00|W|00|S|00|E|00|R|00|L|00|O|00|G|00|U|00|S|00|B|00|"; reference:md5,dd141287cb45a2067592eeb9d3aa7162; classtype:command-and-control; sid:2018645; rev:2; metadata:created_at 2014_07_07, signature_severity Major, updated_at 2019_07_26;)
Jul 7, 2014, 12:00 PM
Jul 26, 2019, 12:00 PM
Sep 21, 2024, 3:00 AM
May 30, 2025, 12:04 AM
rules/emerging-malware.rules