ET MALWARE Potential-Hiloti/FakeAV site access

SID: 2011591Rev: 50 views
History
Sourceet/open
CreatedOctober 6, 2010
UpdatedMarch 27, 2022
Classificationtrojan-activity
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Potential-Hiloti/FakeAV site access"; flow:established,to_server; content:"?p=p52dcW"; http_uri; pcre:"/\/\?p=p52dcW[A-Za-z]{4}/U"; classtype:trojan-activity; sid:2011591; rev:5; metadata:created_at 2010_10_06, signature_severity Major, updated_at 2022_03_27;)

Metadata

created at2010_10_06
signature severityMajor
updated at2022_03_27

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!