ET EXPLOIT_KIT pamdql Exploit Kit 09/25/12 Sending Jar

SID: 2015724Rev: 110 views
History
Sourceet/open
CreatedSeptember 21, 2012
UpdatedFebruary 20, 2024
Classificationexploit-kit
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT_KIT pamdql Exploit Kit 09/25/12 Sending Jar"; flow:established,to_client; http.cookie; pcre:"/^[a-zA-Z]{5}=[a-z0-9]{8}\-[a-f0-9]{4}\-[a-f0-9]{4}\-[a-f0-9]{4}\-[a-f0-9]{12}$/"; http.content_type; content:"/x-java-archive"; fast_pattern; endswith; file.data; content:"PK"; startswith; classtype:exploit-kit; sid:2015724; rev:11; metadata:created_at 2012_09_21, signature_severity Major, updated_at 2024_02_20;)

Metadata

created at2012_09_21
signature severityMajor
updated at2024_02_20

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!