ET EXPLOIT RetroGuard Obfuscated JAR likely part of hostile exploit kit

SID: 2012518Rev: 20 views
History
Sourceet/open
CreatedMarch 17, 2011
UpdatedJuly 26, 2019
Classificationexploit-kit
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT RetroGuard Obfuscated JAR likely part of hostile exploit kit"; flow:established,from_server; content:"classPK"; content:"|20|by|20|RetroGuard|20|Lite|20|"; reference:url,www.retrologic.com; classtype:exploit-kit; sid:2012518; rev:2; metadata:created_at 2011_03_17, signature_severity Major, updated_at 2019_07_26, mitre_tactic_id TA0005, mitre_tactic_name Defense_Evasion, mitre_technique_id T1027, mitre_technique_name Obfuscated_Files_or_Information;)

References

urlwww.retrologic.com

Metadata

created at2011_03_17
signature severityMajor
updated at2019_07_26
mitre tactic idTA0005
mitre tactic nameDefense_Evasion
mitre technique idT1027
mitre technique nameObfuscated_Files_or_Information

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!