Rule History

SID: 2035184 • Source: et/open

Versions (4)

Version Details: Current

Rev: 3 • Feb 14, 2022, 12:00 PM

ET MALWARE Go/Anubis Registration Activity

alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Go/Anubis Registration Activity"; dsize:<400; content:"|54 67 69 2f 40|"; within:50; content:"|4f 6b 65 74 71 75 71 68 76 22 59 6b 70 66 71 79 75 22 5d 58 67 74 75 6b 71 70|"; fast_pattern; reference:md5,1f21b8e9ebc3b7480cc67ced7504916f; reference:url,medium.com/walmartglobaltech/privateloader-to-anubis-loader-55d066a2653e; classtype:trojan-activity; sid:2035184; rev:3; metadata:attack_target Client_Endpoint, created_at 2022_02_14, deployment Perimeter, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2023_03_20;)

Feb 14, 2022, 12:00 PM

Mar 20, 2023, 12:00 PM

Sep 21, 2024, 3:00 AM

Sep 5, 2025, 9:34 PM

rules/emerging-malware.rules