ET MALWARE Possible TRAT proxy component user agent detected

SID: 2017646Rev: 60 views
History
Sourceet/open
CreatedOctober 30, 2013
UpdatedApril 27, 2020
Classificationtrojan-activity
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Possible TRAT proxy component user agent detected"; flow:established,to_server; http.user_agent; content:"Mozilla/4.0 (compatible|3b 20|MSIE 6.0.1.3|3b 20|"; nocase; fast_pattern; reference:url,www.fireeye.com/blog/technical/malware-research/2013/10/evasive-tactics-terminator-rat.html; classtype:trojan-activity; sid:2017646; rev:6; metadata:created_at 2013_10_30, confidence Medium, signature_severity Major, updated_at 2020_04_27;)

References

urlwww.fireeye.com/blog/technical/malware-research/2013/10/evasive-tactics-terminator-rat.html

Metadata

created at2013_10_30
confidenceMedium
signature severityMajor
updated at2020_04_27

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!