ET MALWARE TrojanSpy.KeyLogger Hangover Campaign User-Agent(sendFile)

SID: 2016888Rev: 60 views
History
Sourceet/open
CreatedMay 21, 2013
UpdatedJune 1, 2021
Classificationtrojan-activity
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE TrojanSpy.KeyLogger Hangover Campaign User-Agent(sendFile)"; flow:established,to_server; http.user_agent; content:"sendFile"; nocase; depth:8; http.host; content:!".tannereda.com"; endswith; reference:url,blogs.rsa.com/dont-fear-the-hangover-network-detection-of-hangover-malware-samples; reference:url,enterprise.norman.com/resources/files/unveiling_an_indian_cyberattack_infrastructure_appendixes.pdf; classtype:trojan-activity; sid:2016888; rev:6; metadata:created_at 2013_05_21, confidence High, signature_severity Major, updated_at 2021_06_01;)

References

urlblogs.rsa.com/dont-fear-the-hangover-network-detection-of-hangover-malware-samples
urlenterprise.norman.com/resources/files/unveiling_an_indian_cyberattack_infrastructure_appendixes.pdf

Metadata

created at2013_05_21
confidenceHigh
signature severityMajor
updated at2021_06_01

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!