ET MALWARE Worm.VBS Dunihi/Houdini/H-Worm/WSHRAT Checkin 1

SID: 2017516Rev: 70 views
History
Sourceet/open
CreatedAugust 28, 2013
UpdatedOctober 12, 2020
Classificationcommand-and-control
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Worm.VBS Dunihi/Houdini/H-Worm/WSHRAT Checkin 1"; flow:established,to_server; urilen:9; http.method; content:"POST"; http.uri; content:"/is-ready"; fast_pattern; nocase; reference:md5,d2e799904582f03281060689f5447585; reference:url,www.menlosecurity.com/hubfs/pdfs/Menlo_Houdini_Report%20WEB_R.pdf; classtype:command-and-control; sid:2017516; rev:7; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_and_Server, created_at 2013_08_28, deployment Perimeter, malware_family Houdini, malware_family H_worm, performance_impact Low, signature_severity Major, updated_at 2020_10_12;)

References

md5
d2e799904582f03281060689f5447585
Google SearchBrave Search
urlwww.menlosecurity.com/hubfs/pdfs/Menlo_Houdini_Report%20WEB_R.pdf

Metadata

affected productWindows_XP_Vista_7_8_10_Server_32_64_Bit
attack targetClient_and_Server
created at2013_08_28
deploymentPerimeter
malware familyH_worm
performance impactLow
signature severityMajor
updated at2020_10_12

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!