ET MALWARE Request for fake postal receipt from e-mail link

SID: 2016147Rev: 30 views
History
Sourceet/open
CreatedJanuary 3, 2013
UpdatedApril 22, 2020
Classificationtrojan-activity
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Request for fake postal receipt from e-mail link"; flow:established,to_server; flowbits:set,et.exploitkitlanding; http.uri; content:".php?php=receipt"; endswith; pcre:"/^\/[A-Z]+\.php\?php=receipt$/"; classtype:trojan-activity; sid:2016147; rev:3; metadata:created_at 2013_01_03, signature_severity Major, updated_at 2020_04_22;)

Metadata

created at2013_01_03
signature severityMajor
updated at2020_04_22

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!