Versions (3)
Version Details (Current)
Rev: 3 • Nov 4, 2015, 12:00 PM
ET MALWARE Silent Miner Changelog Checkin
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET MALWARE Silent Miner Changelog Checkin"; flow:established,from_server; http.stat_code; content:"200"; http.content_type; content:"text/plain"; startswith; file.data; content:"Changelog v"; depth:11; fast_pattern; content:"-Added startup folder"; distance:0; content:"-Changed AutoUpdate Mode"; distance:0; content:"|7c 7c|----------------"; distance:0; content:"-Fixed startup .exe without name bug"; distance:0; content:"-Changed files hosting"; distance:0; content:"- Added CPU Threads"; reference:md5,2d51e11a38b7fd448cd0b1d319915e44; classtype:command-and-control; sid:2022034; rev:3; metadata:created_at 2015_11_04, signature_severity Major, updated_at 2020_06_09;)
Nov 4, 2015, 12:00 PM
Jun 9, 2020, 12:00 PM
Nov 4, 2015, 12:00 PM
Sep 10, 2024, 1:01 PM
rules/emerging-malware.rules