Versions (3)
Version DetailsCurrent
Rev: 10 • Nov 24, 2014, 12:00 PMET ADWARE_PUP Win32/CloudScout Checkin
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET ADWARE_PUP Win32/CloudScout Checkin"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"/QualityCheck/"; fast_pattern; content:".php"; distance:0; pcre:"/\.php$/"; http.request_body; content:"dp="; depth:3; content:"&sdp="; distance:0; content:"&a="; distance:0; http.header_names; content:!"Referer|0d 0a|"; reference:md5,c732b52b245444e3f568d372ce399911; classtype:pup-activity; sid:2019780; rev:10; metadata:created_at 2014_11_24, signature_severity Minor, updated_at 2020_08_31;)
Nov 24, 2014, 12:00 PM
Aug 31, 2020, 12:00 PM
Nov 24, 2014, 12:00 PM
Sep 10, 2024, 1:01 PM
rules/emerging-adware_pup.rules