ET EXPLOIT_KIT Styx Exploit Kit Secondary Landing

SID: 2016347Rev: 80 views
History
Sourceet/open
CreatedFebruary 5, 2013
UpdatedSeptember 18, 2020
Classificationexploit-kit
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET EXPLOIT_KIT Styx Exploit Kit Secondary Landing"; flow:established,to_server; http.uri; content:".js"; pcre:"/^[a-z]+\.js$/"; http.referer; content:"/i.html"; fast_pattern; pcre:"/^(\?[^=]{1,10}=[^&\r\n]{100,})?$/Ri"; classtype:exploit-kit; sid:2016347; rev:8; metadata:created_at 2013_02_05, signature_severity Major, updated_at 2020_09_18;)

Metadata

created at2013_02_05
signature severityMajor
updated at2020_09_18

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!