ET MALWARE MultiThreat/Winspy.RAT FTP File Download Command

SID: 2018294Rev: 10 views
History
Sourceet/open
CreatedMarch 18, 2014
UpdatedJuly 26, 2019
Classificationtrojan-activity
alert tcp $EXTERNAL_NET any -> $HOME_NET 443 (msg:"ET MALWARE MultiThreat/Winspy.RAT FTP File Download Command"; flow:established,to_server; dsize:>0; content:"/CD |5C 5C 5C|"; depth:9; pcre:"/^(?:(?:PCACTIV|ONLIN)ETIME|WEBSITE[DS]|CHATROOM|KEYLOGS)/Ri"; reference:url,www.fireeye.com/blog/technical/2014/03/from-windows-to-droids-an-insight-in-to-multi-vector-attack-mechanisms-in-rats.html; classtype:trojan-activity; sid:2018294; rev:1; metadata:created_at 2014_03_18, signature_severity Major, updated_at 2019_07_26;)

References

urlwww.fireeye.com/blog/technical/2014/03/from-windows-to-droids-an-insight-in-to-multi-vector-attack-mechanisms-in-rats.html

Metadata

created at2014_03_18
signature severityMajor
updated at2019_07_26

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!