ET DELETED NACHA/Zeus Phishing Executable Download Attempt

SID: 2010342Rev: 60 views
Sourceet/open
CreatedJuly 30, 2010
UpdatedAugust 22, 2019
Classificationtrojan-activity
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET DELETED NACHA/Zeus Phishing Executable Download Attempt"; flow:established,to_server; content:"GET "; depth:4; content:"nacha.org."; nocase; content:".exe"; http_uri; nocase; pcre:"/\x0d\x0aHost\: (www\.)?nacha\.org\./i"; reference:url,garwarner.blogspot.com/2009/11/newest-zeus-nacha-electronic-payments.html; classtype:trojan-activity; sid:2010342; rev:6; metadata:attack_target Client_Endpoint, created_at 2010_07_30, deployment Perimeter, signature_severity Major, tag Phishing, updated_at 2019_08_22;)

References

urlgarwarner.blogspot.com/2009/11/newest-zeus-nacha-electronic-payments.html

Metadata

attack targetClient_Endpoint
created at2010_07_30
deploymentPerimeter
signature severityMajor
tagPhishing
updated at2019_08_22

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!