ET RETIRED Windows 7 CMD Shell from Local System

SID: 2012690Rev: 20 views
History
Sourceet/open
CreatedApril 17, 2011
UpdatedDecember 3, 2024
Classificationsuccessful-admin
alert tcp $HOME_NET any -> any any (msg:"ET RETIRED Windows 7 CMD Shell from Local System"; flow:established; dsize:<160; content:"Microsoft Windows [Version "; depth:30; content:"Copyright (c)"; distance:0; content:"Microsoft Corp"; distance:0; classtype:successful-admin; sid:2012690; rev:2; metadata:created_at 2011_04_17, former_category ATTACK_RESPONSE, signature_severity Minor, updated_at 2024_12_03;)

Metadata

created at2011_04_17
former categoryATTACK_RESPONSE
signature severityMinor
updated at2024_12_03

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!