ET MALWARE Potential DNS Command and Control via TXT queries

SID: 2013514Rev: 30 views
History
Sourceet/open
CreatedSeptember 2, 2011
UpdatedJanuary 3, 2023
Classificationtrojan-activity
alert dns $HOME_NET any -> any any (msg:"ET MALWARE Potential DNS Command and Control via TXT queries"; content:"|01 00 00 01 00 00 00 00 00 00|"; depth:10; offset:2; content:"|00 00 10 00 01|"; threshold:type both, track by_src,count 10, seconds 300; reference:url,lists.emergingthreats.net/pipermail/emerging-sigs/2011-September/015625.html; classtype:trojan-activity; sid:2013514; rev:3; metadata:created_at 2011_09_02, deprecation_reason Performance, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2023_01_03;)

References

urllists.emergingthreats.net/pipermail/emerging-sigs/2011-September/015625.html

Metadata

created at2011_09_02
deprecation reasonPerformance
confidenceMedium
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2023_01_03

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!