ET MALWARE W32/Vundo.Downloader Reporting User Website Session Information

SID: 2016417Rev: 30 viewsHistory

Sourceet/open

CreatedFebruary 16, 2013

UpdatedApril 23, 2020

Classificationtrojan-activity

alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE W32/Vundo.Downloader Reporting User Website Session Information"; flow:established,to_server; http.uri; content:"/js.php?ran="; fast_pattern; content:"&t="; content:"&u="; http.accept_lang; content:"ru-RU"; nocase; startswith; reference:url,www.lavasoft.com/mylavasoft/malware-descriptions/blog/trojandownloaderwin32vundojd; classtype:trojan-activity; sid:2016417; rev:3; metadata:created_at 2013_02_16, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_04_23;)

References

url	www.lavasoft.com/mylavasoft/malware-descriptions/blog/trojandownloaderwin32vundojd

Metadata

created at2013_02_16

signature severityMajor

tagDescription_Generated_By_Proofpoint_Nexus

updated at2020_04_23

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!