ET MOBILE_MALWARE Android Trojan Fake10086 checkin 1

SID: 2012454Rev: 21 viewsHistory

Sourceet/open

CreatedMarch 10, 2011

UpdatedJuly 26, 2019

Classificationtrojan-activity

alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MOBILE_MALWARE Android Trojan Fake10086 checkin 1"; flow:established,to_server; content:"POST"; http_method; content:"request"; http_uri; nocase; content:".php"; http_uri; nocase; content:"<imei>"; content:"<smscenter>"; content:"<installtime>"; reference:url,blog.aegislab.com/index.php?op=ViewArticle&articleId=81&blogId=1; classtype:trojan-activity; sid:2012454; rev:2; metadata:affected_product Android, attack_target Mobile_Client, created_at 2011_03_10, deployment Perimeter, signature_severity Major, tag Android, updated_at 2019_07_26, mitre_tactic_id TA0010, mitre_tactic_name Exfiltration, mitre_technique_id T1041, mitre_technique_name Exfiltration_Over_C2_Channel;)

References

url	blog.aegislab.com/index.php?op=ViewArticle&articleId=81&blogId=1

Metadata

affected productAndroid

attack targetMobile_Client

created at2011_03_10

deploymentPerimeter

signature severityMajor

tagAndroid

updated at2019_07_26

mitre tactic idTA0010

mitre tactic nameExfiltration

mitre technique idT1041

mitre technique nameExfiltration_Over_C2_Channel

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!