ET MALWARE Syrutrk/Gibon/Bredolab Checkin

SID: 2010381Rev: 110 views
History
Sourceet/open
CreatedJuly 30, 2010
UpdatedApril 21, 2020
Classificationcommand-and-control
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Syrutrk/Gibon/Bredolab Checkin"; flow:to_server,established; http.method; content:"GET"; nocase; http.uri; content:"?ddos=x"; nocase; pcre:"/^(?:x\d{1,2}){5,}/Ri"; reference:url,www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Backdoor%3aWin32%2fSyrutrk.A; reference:md5,011d403b345672adc29846074e717865; reference:md5,a5f94577d00d0306e4ef64bad30e5d37; classtype:command-and-control; sid:2010381; rev:11; metadata:created_at 2010_07_30, signature_severity Major, updated_at 2020_04_21;)

References

urlwww.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Backdoor%3aWin32%2fSyrutrk.A
md5
011d403b345672adc29846074e717865
Google SearchBrave Search
md5
a5f94577d00d0306e4ef64bad30e5d37
Google SearchBrave Search

Metadata

created at2010_07_30
signature severityMajor
updated at2020_04_21

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!