ET MOBILE_MALWARE Android.CruseWin Retriving XML File from Hard Coded CnC

SID: 2013193Rev: 50 views
History
Sourceet/open
CreatedJuly 5, 2011
UpdatedOctober 5, 2020
Classificationcommand-and-control
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MOBILE_MALWARE Android.CruseWin Retriving XML File from Hard Coded CnC"; flow:established,to_server; flowbits:set,ET.And.CruseWin; flowbits:noalert; http.uri; content:"/flash/test.xml"; fast_pattern; reference:url,www.fortiguard.com/encyclopedia/virus/android_crusewin.a!tr.html; classtype:command-and-control; sid:2013193; rev:5; metadata:affected_product Android, attack_target Client_Endpoint, created_at 2011_07_05, deployment Perimeter, signature_severity Critical, tag Android, updated_at 2020_10_05;)

References

urlwww.fortiguard.com/encyclopedia/virus/android_crusewin.a!tr.html

Metadata

affected productAndroid
attack targetClient_Endpoint
created at2011_07_05
deploymentPerimeter
signature severityCritical
tagAndroid
updated at2020_10_05

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!