Versions (5)
Version DetailsCurrent
Rev: 1 • Nov 16, 2023, 12:00 PMET MALWARE TA422 Related Activity M5
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET MALWARE TA422 Related Activity M5"; flow:established,to_client; flowbits:isset,ET.TA422.Mockingbird; http.stat_code; content:"302"; http.location; content:"https|3a 2f 2f|run.mocky.io/v3/"; fast_pattern; classtype:trojan-activity; sid:2049288; rev:1; metadata:created_at 2023_11_16, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2023_11_22, former_sid 2855828;)
Nov 16, 2023, 12:00 PM
Nov 22, 2023, 12:00 PM
Sep 21, 2024, 3:00 AM
Aug 18, 2025, 8:35 PM
rules/emerging-malware.rules