ET USER_AGENTS Suspicious User-Agent (windsoft)

SID: 2013561Rev: 60 views
History
Sourceet/open
CreatedSeptember 12, 2011
UpdatedOctober 17, 2020
Classificationtrojan-activity
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET USER_AGENTS Suspicious User-Agent (windsoft)"; flow:established,to_server; http.user_agent; content:"WindSoft"; depth:8; endswith; classtype:trojan-activity; sid:2013561; rev:6; metadata:affected_product Any, attack_target Client_Endpoint, created_at 2011_09_12, deployment Perimeter, confidence High, signature_severity Major, tag User_Agent, updated_at 2020_10_17;)

Metadata

affected productAny
attack targetClient_Endpoint
created at2011_09_12
deploymentPerimeter
confidenceHigh
signature severityMajor
tagUser_Agent
updated at2020_10_17

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!