ET MALWARE Backdoor.ADDNEW (DarKDdoser) CnC 1
Source: et/open
Created: November 7, 2012
Updated: July 26, 2019
Classification: command-and-control
alert tcp $HOME_NET any -> $EXTERNAL_NET 1024: (msg:"ET MALWARE Backdoor.ADDNEW (DarKDdoser) CnC 1"; flow:to_server,established; dsize:<100; content:"ADDNEW|7C|ddoser|7C|"; depth:14; pcre:"/\x7C(NEW|Awaiting commands)/R"; reference:url,blog.fireeye.com/research/2012/11/backdooraddnew-darkddoser-and-gh0st-a-match-made-in-heaven.html; reference:md5,691305b05ae75389526aa7c15b319c3b; classtype:command-and-control; sid:2015868; rev:2; metadata:created_at 2012_11_07, signature_severity Major, updated_at 2019_07_26;)
References
| url | blog.fireeye.com/research/2012/11/backdooraddnew-darkddoser-and-gh0st-a-match-made-in-heaven.html |
| md5 | 691305b05ae75389526aa7c15b319c3b |
Metadata
created at: 2012_11_07
signature severity: Major
updated at: 2019_07_26