Versions (4)
Version DetailsCurrent
Rev: 1 • Mar 19, 2025, 4:38 PMTGI HUNT MSSQL Antivirus Error (UTF-8)
alert tcp $HOME_NET 1433 -> any any (msg:"TGI HUNT MSSQL Antivirus Error (UTF-8)"; flow:established,to_client; content:"|54 68 69 73 20 73 63 72 69 70 74 20 63 6f 6e 74 61 69 6e 73 20 6d 61 6c 69 63 69 6f 75 73 20 63 6f 6e 74 65 6e 74 20 61 6e 64 20 68 61 73 20 62 65 65 6e 20 62 6c 6f 63 6b 65 64 20 62 79 20 79 6f 75 72 20 61 6e 74 69 76 69 72 75 73 20 73 6f 66 74 77 61 72 65 2e|"; reference:url,travisgreen.net/updates/20240123; classtype:bad-unknown; sid:2610856; rev:1;)
Mar 19, 2025, 4:38 PM
Mar 19, 2025, 4:38 PM
Jul 29, 2025, 5:35 PM
Jul 29, 2025, 5:35 PM
hunting.rules