ET DELETED W32.Tinba/Zusy Banking Trojan Hardcoded CnC Domain Request - dako22tavol2andos.com - Suricata Rule 2014861 (et/open)

ET DELETED W32.Tinba/Zusy Banking Trojan Hardcoded CnC Domain Request - dako22tavol2andos.com

SID: 2014861Rev: 30 viewsHistory

Sourceet/open

CreatedJune 6, 2012

UpdatedJuly 26, 2019

Classificationcommand-and-control

alert udp $HOME_NET any -> any 53 (msg:"ET DELETED W32.Tinba/Zusy Banking Trojan Hardcoded CnC Domain Request - dako22tavol2andos.com"; content:"|01 00 00 01 00 00 00 00 00 00|"; depth:10; offset:2; content:"|11|dako22tavol2andos|03|com"; distance:0; reference:url,www.symantec.com/security_response/writeup.jsp?docid=2012-060111-3803-99&om_rssid=sr-latestthreats30days; classtype:command-and-control; sid:2014861; rev:3; metadata:created_at 2012_06_06, confidence High, signature_severity Unknown, updated_at 2019_07_26;)

References

url	www.symantec.com/security_response/writeup.jsp?docid=2012-060111-3803-99&om_rssid=sr-latestthreats30days

Metadata

created at2012_06_06

confidenceHigh

signature severityUnknown

updated at2019_07_26

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!