ET EXPLOIT_KIT Possible Magnitude EK (formerly Popads) IE Exploit with IE UA Oct 16 2013

SID: 2017613Rev: 117 views
History
Sourceet/open
CreatedOctober 17, 2013
UpdatedMarch 3, 2024
Classificationexploit-kit
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET EXPLOIT_KIT Possible Magnitude EK (formerly Popads) IE Exploit with IE UA Oct 16 2013"; flow:established,to_server; flowbits:set,et.exploitkitlanding; urilen:66; http.uri; pcre:"/^\/[a-f0-9]{32}\/[a-f0-9]{32}$/i"; http.referer; content:"http|3a|//"; startswith; pcre:"/\/\?[a-f0-9]{32}=\d{1,10}$/R"; http.user_agent; content:" MSIE "; fast_pattern; classtype:exploit-kit; sid:2017613; rev:11; metadata:created_at 2013_10_17, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_03;)

Metadata

created at2013_10_17
confidenceMedium
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2024_03_03

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!