Versions (3)
Version DetailsCurrent
Rev: 4 • Sep 11, 2014, 12:00 PMET MALWARE DecebalPOS User-Agent
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE DecebalPOS User-Agent"; flow:established,to_server; http.user_agent; content:"Decebalv"; depth:8; reference:md5,87cfa0addda5c0e0fc34f3847408e557; reference:url,trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-pos-ram-scraper-malware.pdf; classtype:trojan-activity; sid:2019161; rev:4; metadata:created_at 2014_09_11, confidence High, signature_severity Major, updated_at 2020_05_04;)
Sep 11, 2014, 12:00 PM
May 4, 2020, 12:00 PM
Sep 21, 2024, 3:00 AM
May 30, 2025, 12:04 AM
rules/emerging-malware.rules