ET EXPLOIT_KIT CoolEK Possible Java Payload Download

SID: 2016427Rev: 80 views
History
Sourceet/open
CreatedFebruary 19, 2013
UpdatedOctober 8, 2019
Classificationexploit-kit
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET EXPLOIT_KIT CoolEK Possible Java Payload Download"; flow:to_server,established; content:".exe?"; http_uri; content:"Java/1."; http_user_agent; fast_pattern; pcre:"/\.exe\?(e=)?\d+$/U"; classtype:exploit-kit; sid:2016427; rev:8; metadata:created_at 2013_02_19, confidence Medium, signature_severity Major, updated_at 2019_10_08;)

Metadata

created at2013_02_19
confidenceMedium
signature severityMajor
updated at2019_10_08

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!