ET MALWARE Win32/Vundo.OD Checkin

SID: 2016424Rev: 60 views
History
Sourceet/open
CreatedDecember 17, 2011
UpdatedApril 23, 2020
Classificationcommand-and-control
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Win32/Vundo.OD Checkin"; flow:to_server,established; http.uri; content:"/get.php?"; pcre:"/^(?:id|key)=/Ri"; content:"id="; content:"key="; content:"&os="; content:"&av="; content:"&vm="; content:"&al="; content:"&p="; content:"&z="; http.header_names; content:!"User-Agent|0d 0a|"; reference:url,www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan%3AWin32%2FVundo.OD; reference:md5,8840a0d9d7f4dba3953ccb68b17b2d6c; classtype:command-and-control; sid:2016424; rev:6; metadata:created_at 2011_12_17, malware_family Win32_Vundo_OD, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_04_23;)

References

urlwww.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan%3AWin32%2FVundo.OD
md5
8840a0d9d7f4dba3953ccb68b17b2d6c
Google SearchBrave Search

Metadata

created at2011_12_17
malware familyWin32_Vundo_OD
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2020_04_23

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!