ET MALWARE Likely Infected HTTP POST to PHP with User-Agent of HTTP Client

SID: 2014579Rev: 50 views
History
Sourceet/open
CreatedApril 16, 2012
UpdatedMarch 10, 2024
Classificationtrojan-activity
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Likely Infected HTTP POST to PHP with User-Agent of HTTP Client"; flow:established,to_server; http.method; content:"POST"; nocase; http.uri; content:".php"; nocase; http.user_agent; bsize:11; content:"HTTP Client"; fast_pattern; classtype:trojan-activity; sid:2014579; rev:5; metadata:created_at 2012_04_16, confidence Medium, signature_severity Major, updated_at 2024_03_10;)

Metadata

created at2012_04_16
confidenceMedium
signature severityMajor
updated at2024_03_10

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!