ET EXPLOIT_KIT CoolEK - Landing Page Received - Suricata Rule 2016191 (et/open)

ET EXPLOIT_KIT CoolEK - Landing Page Received

SID: 2016191Rev: 60 viewsHistory

Sourceet/open

CreatedJanuary 12, 2013

UpdatedJuly 26, 2019

Classificationexploit-kit

alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT_KIT CoolEK - Landing Page Received"; flow:established,to_client; file_data; content:"<div id=|22|heap_allign|22|></div>"; classtype:exploit-kit; sid:2016191; rev:6; metadata:created_at 2013_01_12, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)

Metadata

created at2013_01_12

signature severityMajor

tagDescription_Generated_By_Proofpoint_Nexus

updated at2019_07_26

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!