ET MALWARE EvilGrab/Vidgrab Checkin

SID: 2017413Rev: 30 views
History
Sourceet/open
CreatedSeptember 4, 2013
UpdatedJuly 26, 2019
Classificationcommand-and-control
alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE EvilGrab/Vidgrab Checkin"; flow:to_server,established; content:"|7c 28|"; pcre:"/^\d{1,3}\x2e\d{1,3}\x2e\d{1,3}\x2e\d{1,3}/R"; content:"|29 7c|"; within:2; pcre:"/^\d{1,5}/R"; content:"|7c|Win"; within:4; reference:url,contagiodump.blogspot.com.br/2013/09/sandbox-miming-cve-2012-0158-in-mhtml.html; classtype:command-and-control; sid:2017413; rev:3; metadata:created_at 2013_09_04, signature_severity Major, updated_at 2019_07_26;)

References

urlcontagiodump.blogspot.com.br/2013/09/sandbox-miming-cve-2012-0158-in-mhtml.html

Metadata

created at2013_09_04
signature severityMajor
updated at2019_07_26

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!