ET MALWARE Trojan-Spy.Win32.Zbot.qgxi Checkin

SID: 2018412Rev: 100 views
History
Sourceet/open
CreatedOctober 31, 2013
UpdatedSeptember 24, 2020
Classificationcommand-and-control
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Trojan-Spy.Win32.Zbot.qgxi Checkin"; flow:to_server,established; http.uri; content:".php?bot="; fast_pattern; http.cookie; content:"bot="; depth:4; reference:md5,0b450a92f29181065bc6601333f01b07; reference:md5,548fbf4dde27e725c0a1544f61362b50; reference:url,arbornetworks.com/asert/2014/04/trojan-eclipse-a-bad-moon-rising; classtype:command-and-control; sid:2018412; rev:10; metadata:created_at 2013_10_31, signature_severity Major, updated_at 2020_09_24;)

References

md5
0b450a92f29181065bc6601333f01b07
Google SearchBrave Search
md5
548fbf4dde27e725c0a1544f61362b50
Google SearchBrave Search
urlarbornetworks.com/asert/2014/04/trojan-eclipse-a-bad-moon-rising

Metadata

created at2013_10_31
signature severityMajor
updated at2020_09_24

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!