ET MALWARE Win32.Agent.cyt (Or variant) HTTP POST Checkin (2)

SID: 2008004Rev: 50 views
History
Sourceet/open
CreatedJuly 30, 2010
UpdatedMarch 5, 2024
Classificationcommand-and-control
alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET MALWARE Win32.Agent.cyt (Or variant) HTTP POST Checkin (2)"; flow:established,to_server; http.method; content:"POST"; http.uri; content:".cgi"; http.request_body; content:"o=c&s="; fast_pattern; classtype:command-and-control; sid:2008004; rev:5; metadata:created_at 2010_07_30, signature_severity Major, updated_at 2024_03_05;)

Metadata

created at2010_07_30
signature severityMajor
updated at2024_03_05

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!