ET DELETED W32.Tinba/Zusy Banking Trojan Hardcoded CnC Domain Request - dak1otavola1ndos.com - Suricata Rule 2014860 (et/open)

ET DELETED W32.Tinba/Zusy Banking Trojan Hardcoded CnC Domain Request - dak1otavola1ndos.com

SID: 2014860Rev: 30 viewsHistory

Sourceet/open

CreatedJune 6, 2012

UpdatedJuly 26, 2019

Classificationcommand-and-control

alert udp $HOME_NET any -> any 53 (msg:"ET DELETED W32.Tinba/Zusy Banking Trojan Hardcoded CnC Domain Request - dak1otavola1ndos.com"; content:"|01 00 00 01 00 00 00 00 00 00|"; depth:10; offset:2; content:"|10|dak1otavola1ndos|03|com"; distance:0; reference:url,www.symantec.com/security_response/writeup.jsp?docid=2012-060111-3803-99&om_rssid=sr-latestthreats30days; classtype:command-and-control; sid:2014860; rev:3; metadata:created_at 2012_06_06, confidence High, signature_severity Unknown, updated_at 2019_07_26;)

References

url	www.symantec.com/security_response/writeup.jsp?docid=2012-060111-3803-99&om_rssid=sr-latestthreats30days

Metadata

created at2012_06_06

confidenceHigh

signature severityUnknown

updated at2019_07_26

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!