ET HUNTING SUSPICIOUS waulct.exe in URI Probable Process Dump/Trojan Download

SID: 2017680Rev: 40 views
History
Sourceet/open
CreatedNovember 6, 2013
UpdatedSeptember 22, 2020
Classificationtrojan-activity
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET HUNTING SUSPICIOUS waulct.exe in URI Probable Process Dump/Trojan Download"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/waulct.exe"; nocase; fast_pattern; endswith; reference:url,alienvault.com/open-threat-exchange/blog/microsoft-office-zeroday-used-to-attack-pakistani-targets; classtype:trojan-activity; sid:2017680; rev:4; metadata:created_at 2013_11_06, confidence Medium, signature_severity Major, updated_at 2020_09_22;)

References

urlalienvault.com/open-threat-exchange/blog/microsoft-office-zeroday-used-to-attack-pakistani-targets

Metadata

created at2013_11_06
confidenceMedium
signature severityMajor
updated at2020_09_22

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!