Versions (3)
Version DetailsCurrent
Rev: 4 • Aug 26, 2014, 12:00 PMET MALWARE Windows ipconfig Microsoft Windows DOS prompt command exit OUTBOUND
alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Windows ipconfig Microsoft Windows DOS prompt command exit OUTBOUND"; flow:established,to_server; content:"Windows IP Configuration|0d|"; fast_pattern; content:"Ethernet adapter Local Area Connection|3a|"; distance:0; content:"Physical Address"; content:"IP Address"; content:"Subnet Mask"; content:"Default Gateway"; reference:md5,a22af4fc7fe011069704a15296634ca6; classtype:trojan-activity; sid:2019000; rev:4; metadata:created_at 2014_08_26, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2022_03_17, reviewed_at 2024_03_20;)
Aug 26, 2014, 12:00 PM
Mar 17, 2022, 12:00 PM
Aug 26, 2014, 12:00 PM
Nov 10, 2025, 10:34 PM
rules/emerging-malware.rules