Versions (2)
Version DetailsCurrent
Rev: 3 • Aug 14, 2014, 12:00 PMET MALWARE Suspicious X-mailer Synapse
alert smtp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Suspicious X-mailer Synapse"; flow:established,to_server; content:"produced by Synapse"; fast_pattern; content:"X|2d|mailer|3a 20|Synapse|20 2d 20|Pascal TCP|2f|IP library by Lukas Gebauer"; reference:md5,954acc71ffaa7010c603d74e76dfc70b; reference:url,www.joewein.net/spam/spam-joejob.htm; classtype:trojan-activity; sid:2018936; rev:3; metadata:created_at 2014_08_14, signature_severity Major, updated_at 2019_10_08;)
Aug 14, 2014, 12:00 PM
Oct 8, 2019, 12:00 PM
Aug 14, 2014, 12:00 PM
Sep 10, 2024, 1:01 PM
rules/emerging-malware.rules