ET MALWARE MSUpdater POST checkin to CnC

SID: 2014212Rev: 40 views
History
Sourceet/open
CreatedFebruary 7, 2012
UpdatedApril 21, 2020
Classificationcommand-and-control
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE MSUpdater POST checkin to CnC"; flow:established,to_server; http.method; content:"POST"; nocase; http.uri; content:"/microsoft/errorpost/default.aspx?ID="; reference:url,research.zscaler.com/2012/01/msupdater-trojan-and-link-to-targeted.html; reference:url,blog.seculert.com/2012/01/msupdater-trojan-and-conference-invite.html; classtype:command-and-control; sid:2014212; rev:4; metadata:created_at 2012_02_07, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_04_21;)

References

urlresearch.zscaler.com/2012/01/msupdater-trojan-and-link-to-targeted.html
urlblog.seculert.com/2012/01/msupdater-trojan-and-conference-invite.html

Metadata

created at2012_02_07
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2020_04_21

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!