STEALER [PTsecurity] Evelyn Requesting Browser Injection Component via FTP

SID: 10016291Rev: 1Enabled2 views
Fileptopen-malware.rules
CreatedJune 23, 2026
UpdatedJune 23, 2026
Classificationtrojan-activity
alert ftp any any -> any any (msg:"STEALER [PTsecurity] Evelyn Requesting Browser Injection Component via FTP"; flow:established, to_server; content:"SIZE /public_html/abe_decrypt.dll"; reference:url, www.trendmicro.com/en_us/research/26/a/analysis-of-the-evelyn-stealer-campaign.html; reference:url, www.virustotal.com/gui/file/92af258d13494f208ccf76f53a36f288060543f02ed438531e0675b85da00430/detection; reference:url, rules.ptsecurity.com; classtype:trojan-activity; sid:10016291; rev:1;)

References

urlwww.trendmicro.com/en_us/research/26/a/analysis-of-the-evelyn-stealer-campaign.html
urlwww.virustotal.com/gui/file/92af258d13494f208ccf76f53a36f288060543f02ed438531e0675b85da00430/detection
urlrules.ptsecurity.com

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!