ET RETIRED Dropper.Win32.Agent.ahju Checkin
Sourceet/open
CreatedMay 31, 2011
UpdatedDecember 3, 2024
Classificationcommand-and-control
alert tcp $HOME_NET any -> $EXTERNAL_NET 288 (msg:"ET RETIRED Dropper.Win32.Agent.ahju Checkin"; flow:established,to_server; content:"|44 78 47 54 33 43 6D 42 66 39 73 39 6C 74 62 6A 35 61 4A 7C 0A|"; depth:21; reference:md5,48ad09c574a4bd3bb24d007005382e63; reference:md5,a264690a775a4e1b3d91c2dbcd850ce9; classtype:command-and-control; sid:2012895; rev:3; metadata:created_at 2011_05_31, former_category MALWARE, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_12_03;)
References
| md5 | 48ad09c574a4bd3bb24d007005382e63 |
| md5 | a264690a775a4e1b3d91c2dbcd850ce9 |
Metadata
created at2011_05_31
former categoryMALWARE
confidenceHigh
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2024_12_03
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!