Versions (2)
Version DetailsCurrent
Rev: 3 • Jan 21, 2015, 12:00 PMET MALWARE CryptoWall CryptoWall 3.0 Check-in
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE CryptoWall CryptoWall 3.0 Check-in"; flow:established,to_server; http.method; content:"POST"; http.uri.raw; content:"http|3a 2f 2f|proxy"; depth:12; fast_pattern; http.header; content:"i2p|0d 0a|"; http.header_names; content:!"|0d 0a|Accept-"; content:!"Referer|0d 0a|"; reference:md5,3c53c9f7ab32a09de89bb44e5f91f9af; classtype:trojan-activity; sid:2020233; rev:3; metadata:created_at 2015_01_21, signature_severity Major, updated_at 2020_05_14;)
Jan 21, 2015, 12:00 PM
May 14, 2020, 12:00 PM
Jan 21, 2015, 12:00 PM
Sep 10, 2024, 1:01 PM
rules/emerging-malware.rules