ET MALWARE Backdoor.Win32.RShot HTTP Checkin

SID: 2014269Rev: 70 views
History
Sourceet/open
CreatedFebruary 21, 2012
UpdatedOctober 28, 2020
Classificationcommand-and-control
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Backdoor.Win32.RShot HTTP Checkin"; flow:established,to_server; http.method; content:"POST"; http.request_body; content:"|3b 20|name=|22|bot_id|22 0d 0a 0d 0a|"; fast_pattern; content:"|3b 20|name=|22|os_version|22 0d 0a 0d 0a|"; distance:0; reference:md5,c0aadd5594d340d8a4909d172017e5d0; classtype:command-and-control; sid:2014269; rev:7; metadata:created_at 2012_02_21, signature_severity Major, updated_at 2020_10_28;)

References

md5
c0aadd5594d340d8a4909d172017e5d0
Google SearchBrave Search

Metadata

created at2012_02_21
signature severityMajor
updated at2020_10_28

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!