ET MALWARE Possible CritX/SafePack/FlashPack EXE Download

SID: 2017297Rev: 70 viewsHistory

Sourceet/open

CreatedAugust 8, 2013

UpdatedFebruary 20, 2024

Classificationexploit-kit

alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET MALWARE Possible CritX/SafePack/FlashPack EXE Download"; flow:established,to_client; http.header; content:"filename=e"; fast_pattern; content:".exe"; distance:23; within:4; pcre:"/filename=e[a-f0-9]{23}\.exe/"; classtype:exploit-kit; sid:2017297; rev:7; metadata:created_at 2013_08_08, confidence Medium, signature_severity Major, updated_at 2024_02_20;)

Metadata

created at2013_08_08

confidenceMedium

signature severityMajor

updated at2024_02_20

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!