Versions (3)
Version DetailsCurrent
Rev: 8 • Nov 24, 2014, 12:00 PMET ADWARE_PUP PUP Win32/ELEX Checkin
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET ADWARE_PUP PUP Win32/ELEX Checkin"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/v"; depth:2; content:"?update"; fast_pattern; distance:0; pcre:"/^[0-9]?=[a-z]+/Ri"; http.header_names; content:!"User-Agent"; content:!"Accept"; content:!"Referer"; reference:md5,2fed7fe9d055ebb63897bc2c8996676d; reference:md5,e2fd0d2c44e96cab5017bb8a68ca92a6; classtype:pup-activity; sid:2019779; rev:8; metadata:created_at 2014_11_24, signature_severity Minor, updated_at 2020_08_31;)
Nov 24, 2014, 12:00 PM
Aug 31, 2020, 12:00 PM
Nov 24, 2014, 12:00 PM
Sep 10, 2024, 1:01 PM
rules/emerging-adware_pup.rules