ET MALWARE MultiThreat/Winspy.RAT SMTP Data Exfiltration

SID: 2018293Rev: 10 views
History
Sourceet/open
CreatedMarch 18, 2014
UpdatedJuly 26, 2019
Classificationtrojan-activity
alert tcp $HOME_NET any -> $EXTERNAL_NET 37 (msg:"ET MALWARE MultiThreat/Winspy.RAT SMTP Data Exfiltration"; flow:established,to_server; content:"X-Mailer|3A| SysMon v1.0.0"; reference:url,www.fireeye.com/blog/technical/2014/03/from-windows-to-droids-an-insight-in-to-multi-vector-attack-mechanisms-in-rats.html; classtype:trojan-activity; sid:2018293; rev:1; metadata:created_at 2014_03_18, signature_severity Major, updated_at 2019_07_26;)

References

urlwww.fireeye.com/blog/technical/2014/03/from-windows-to-droids-an-insight-in-to-multi-vector-attack-mechanisms-in-rats.html

Metadata

created at2014_03_18
signature severityMajor
updated at2019_07_26

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!