Versions (4)
Version DetailsCurrent
Rev: 4 • Oct 28, 2014, 12:00 PMET MALWARE OLDBAIT Checkin sptr
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE OLDBAIT Checkin sptr"; flow:established,to_server; http.uri; content:"/~"; depth:2; content:"/cgi-bin/sptr.cgi?"; content:"_"; reference:md5,3983c859a217740bf9c5dd67a4647a9d; reference:md5,771bfe5d64138ef4e11e969b408ee0d7; reference:url,thegoldenmessenger.blogspot.de/2012/12/3-disclosure-of-another-0day-malware.html; reference:url,www.fireeye.com/resources/pdfs/apt28.pdf; classtype:command-and-control; sid:2019535; rev:4; metadata:created_at 2014_10_28, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_05_13;)
Oct 28, 2014, 12:00 PM
May 13, 2020, 12:00 PM
Oct 28, 2014, 12:00 PM
Oct 8, 2025, 9:38 PM
rules/emerging-malware.rules