ET MALWARE Win32.Inject.ql Checkin Post

SID: 2007803Rev: 50 views
History
Sourceet/open
CreatedJuly 30, 2010
UpdatedMarch 5, 2024
Classificationcommand-and-control
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Win32.Inject.ql Checkin Post"; flow:established,to_server; http.method; content:"POST"; http.request_body; content:"MAC="; fast_pattern; nocase; content:"&IP="; nocase; content:"&NAME="; nocase; content:"&OS="; nocase; classtype:command-and-control; sid:2007803; rev:5; metadata:created_at 2010_07_30, signature_severity Major, updated_at 2024_03_05;)

Metadata

created at2010_07_30
signature severityMajor
updated at2024_03_05

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!