Versions (5)
Version Details (Current)
Rev: 2 • May 4, 2015, 12:00 PM
ET MALWARE Linux/DDoS.Sotdas/IptabLex Checkin
alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Linux/DDoS.Sotdas/IptabLex Checkin"; flow:to_server,established; dsize:296; content:"|72 8D 90 89 7E D6|"; offset:224; depth:6; fast_pattern; content:"|b6 b6 b6 b6 b6 b6 b6 b6 b6 b6 b6 b6 b6 b6 b6 b6|"; reference:md5,f7556d9ede5d988400b1edbb1a172634; classtype:command-and-control; sid:2021049; rev:2; metadata:created_at 2015_05_04, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)
May 4, 2015, 12:00 PM
Jul 26, 2019, 12:00 PM
Sep 21, 2024, 3:00 AM
Nov 3, 2025, 10:34 PM
rules/emerging-malware.rules