ET MALWARE Trojan-Spy.Win32.Zbot.djrm Checkin

SID: 2014399Rev: 40 views
History
Sourceet/open
CreatedMarch 15, 2012
UpdatedFebruary 14, 2024
Classificationcommand-and-control
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Trojan-Spy.Win32.Zbot.djrm Checkin"; flow:established,to_server; http.uri; content:"/index.html?mac="; content:"&ver="; content:"&os="; content:"&dtime="; fast_pattern; http.user_agent; bsize:5; content:"baidu"; reference:md5,b895249cce7d2c27cb9c480feb36560c; reference:md5,f70a5f52d4c0071963602c25b62865cb; classtype:command-and-control; sid:2014399; rev:4; metadata:created_at 2012_03_15, signature_severity Major, updated_at 2024_02_14;)

References

md5
b895249cce7d2c27cb9c480feb36560c
Google SearchBrave Search
md5
f70a5f52d4c0071963602c25b62865cb
Google SearchBrave Search

Metadata

created at2012_03_15
signature severityMajor
updated at2024_02_14

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!