Rule History

SID: 2019536 • Source: et/open

Versions (4)

Version Details (Current)

Rev: 3 • Oct 28, 2014, 12:00 PM

ET MALWARE OLDBAIT Checkin 2 brvc

alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE OLDBAIT Checkin 2 brvc"; flow:established,to_server; http.uri; content:"/~"; depth:2; content:"/cgi-bin/brvc.cgi?"; content:"_"; reference:md5,3983c859a217740bf9c5dd67a4647a9d; reference:md5,771bfe5d64138ef4e11e969b408ee0d7; reference:url,thegoldenmessenger.blogspot.de/2012/12/3-disclosure-of-another-0day-malware.html; reference:url,fireeye.com/resources/pdfs/apt28.pdf; classtype:command-and-control; sid:2019536; rev:3; metadata:created_at 2014_10_28, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_05_13;)

Oct 28, 2014, 12:00 PM

May 13, 2020, 12:00 PM

Oct 28, 2014, 12:00 PM

Oct 8, 2025, 9:38 PM

rules/emerging-malware.rules