ET MALWARE DOCHTML C&C http directive in HTML comments

SID: 2015616Rev: 30 views
History
Sourceet/open
CreatedAugust 11, 2012
UpdatedJuly 26, 2019
Classificationcommand-and-control
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET MALWARE DOCHTML C&C http directive in HTML comments"; flow:established,from_server; content:"|3c|!-- DOCHTMLhttp|3a|//"; reference:url,blog.accuvantlabs.com/blog/dgrif/anatomy-targeted-attack; classtype:command-and-control; sid:2015616; rev:3; metadata:created_at 2012_08_11, signature_severity Major, updated_at 2019_07_26;)

References

urlblog.accuvantlabs.com/blog/dgrif/anatomy-targeted-attack

Metadata

created at2012_08_11
signature severityMajor
updated at2019_07_26

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!