ET MALWARE W32/Mepaow.Backdoor Initial Checkin to Intermediary Pre-CnC

SID: 2014754Rev: 70 viewsHistory

Sourceet/open

CreatedMay 17, 2012

UpdatedApril 21, 2020

Classificationcommand-and-control

alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE W32/Mepaow.Backdoor Initial Checkin to Intermediary Pre-CnC"; flow:established,to_server; http.uri; content:"/PostView.nhn?blogId="; fast_pattern; content:"&logNo="; content:"&parentCategoryNo="; content:"&userTopListOpen="; content:"&userTopListManageOpen="; http.user_agent; content:"Mozilla/4.0 (compatible|3b 20|Win32|3b 20|WinHttp.WinHttpRequest.5)"; bsize:57; reference:url,home.mcafee.com/virusinfo/virusprofile.aspx?key=1072862; reference:md5,8af17164500aac1c0965b842aca3fed7; classtype:command-and-control; sid:2014754; rev:7; metadata:created_at 2012_05_17, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_04_21;)

References

url	home.mcafee.com/virusinfo/virusprofile.aspx?key=1072862
md5	8af17164500aac1c0965b842aca3fed7 Google Search Brave Search

Metadata

created at2012_05_17

signature severityMajor

tagDescription_Generated_By_Proofpoint_Nexus

updated at2020_04_21

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!