ET EXPLOIT Adobe PDF Zero Day Trojan.666 Payload libarhlp32.dll Second Stage Download POST

SID: 2016409Rev: 40 views
History
Sourceet/open
CreatedFebruary 15, 2013
UpdatedApril 23, 2020
Classificationtrojan-activity
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET EXPLOIT Adobe PDF Zero Day Trojan.666 Payload libarhlp32.dll Second Stage Download POST"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"/index.php"; http.request_body; content:"lbarhlp32.blb"; reference:url,blog.fireeye.com/research/2013/02/the-number-of-the-beast.html; classtype:trojan-activity; sid:2016409; rev:4; metadata:created_at 2013_02_15, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_04_23;)

References

urlblog.fireeye.com/research/2013/02/the-number-of-the-beast.html

Metadata

created at2013_02_15
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2020_04_23

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!