ET MALWARE Win32/Small.gen!AQ Communication with Controller

SID: 2011414
Rev: 6
Source: et/open
Created: September 28, 2010
Updated: May 29, 2024
Classification: trojan-activity
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Win32/Small.gen!AQ Communication with Controller"; flow:established,to_server; http.uri; content:"?uid="; nocase; fast_pattern; content:"&action="; nocase; content:"&v="; nocase; content:"&b="; nocase; pcre:"/\?uid=[0-9a-f]{40}&action=\w+&v=[\w.]+&b=\d+$/"; reference:md5,eb3140416c06fa8cb7851076dd100dfb; reference:url,perpetualhorizon.blogspot.com/2010/08/shot-in-dark-analysis-of-failed-malware.html; reference:md5,8033dffa899dcd16769f389073f9f053; classtype:trojan-activity; sid:2011414; rev:6; metadata:created_at 2010_09_28, malware_family Win32_Small_gen_AQ, signature_severity Major, updated_at 2024_05_29;)

Metadata

created at: 2010_09_28
malware family: Win32_Small_gen_AQ
signature severity: Major
updated at: 2024_05_29
