Versions (2)
Version DetailsCurrent
Rev: 3 • Feb 16, 2015, 12:00 PMET EXPLOIT_KIT Double-Encoded Reverse Base64/Dean Edwards Packed JavaScript Observed in Unknown EK Feb 16 2015 b64 1 M2
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT_KIT Double-Encoded Reverse Base64/Dean Edwards Packed JavaScript Observed in Unknown EK Feb 16 2015 b64 1 M2"; flow:established,from_server; file_data; content:"CZsUGLrxyYsEGLwhibvlGdj5WdmhCbhZXZ"; classtype:exploit-kit; sid:2020426; rev:3; metadata:created_at 2015_02_16, confidence High, signature_severity Major, updated_at 2019_07_26;)
Feb 16, 2015, 12:00 PM
Jul 26, 2019, 12:00 PM
Feb 16, 2015, 12:00 PM
Sep 19, 2024, 9:01 PM
rules/emerging-exploit_kit.rules