Versions (3)
Version DetailsCurrent
Rev: 3 • May 15, 2015, 12:00 PMET MALWARE Win32/Zemot Fake Search Page
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET MALWARE Win32/Zemot Fake Search Page"; flow:established,from_server; file_data; content:"background|3a 20|url(btn_search.png|29 2f 2a|tpa=http"; fast_pattern; reference:md5,38cad3170f85c4f9903574941bd282a8; classtype:trojan-activity; sid:2021107; rev:3; metadata:created_at 2015_05_15, malware_family Win32_Zemot, signature_severity Major, updated_at 2022_03_17;)
May 15, 2015, 12:00 PM
Mar 17, 2022, 12:00 PM
May 15, 2015, 12:00 PM
Sep 13, 2024, 9:01 PM
rules/emerging-malware.rules