ET POLICY Ryeol HTTP Client Class

SID: 2013387Rev: 70 viewsHistory

Sourceet/open

CreatedAugust 10, 2011

UpdatedMay 17, 2023

Classificationmisc-activity

alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET POLICY Ryeol HTTP Client Class "; flow:established,to_server; http.user_agent; content:"Ryeol HTTP Client Class"; reference:url,trustwave.azureedge.net/media/16929/the-golden-tax-department-and-emergence-of-goldenspy-malware.pdf; reference:url,github.com/Leo2016/luaTestTool/tree/master/luaTestTool/3rdTools/ryeolhttpclient_src; classtype:misc-activity; sid:2013387; rev:7; metadata:attack_target Client_Endpoint, created_at 2011_08_10, deployment Perimeter, performance_impact Low, confidence High, signature_severity Informational, updated_at 2023_05_17;)

References

url	trustwave.azureedge.net/media/16929/the-golden-tax-department-and-emergence-of-goldenspy-malware.pdf
url	github.com/Leo2016/luaTestTool/tree/master/luaTestTool/3rdTools/ryeolhttpclient_src

Metadata

attack targetClient_Endpoint

created at2011_08_10

deploymentPerimeter

performance impactLow

confidenceHigh

signature severityInformational

updated at2023_05_17

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!