ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz

SID: 2018141Rev: 66 views
History
Sourceet/open
CreatedFebruary 15, 2014
UpdatedAugust 11, 2022
Classificationtrojan-activity
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz"; flow:established,to_client; http.cookie; content:"snkz="; pcre:"/^\d{1,3}\x2E\d{1,3}\x2E\d{1,3}\x2E\d{1,3}/R"; threshold:type limit, count 1, seconds 300, track by_src; classtype:trojan-activity; sid:2018141; rev:6; metadata:created_at 2014_02_15, confidence High, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2022_08_11, reviewed_at 2024_04_23;)

Metadata

created at2014_02_15
confidenceHigh
signature severityInformational
tagDescription_Generated_By_Proofpoint_Nexus
updated at2022_08_11
reviewed at2024_04_23

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!