ET MOBILE_MALWARE AndroidOS/Lotoor.Q

SID: 2018520Rev: 60 views
Sourceet/open
CreatedJune 4, 2014
UpdatedSeptember 24, 2020
Classificationtrojan-activity
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MOBILE_MALWARE AndroidOS/Lotoor.Q"; flow:established, to_server; http.uri; content:"device_id="; pcre:"/^\d{10,20}&imsi=\d{10,15}&device_name=/Ri"; content:"&app_id="; pcre:"/^[a-f0-9]{30,35}&app_package_name=/Ri"; content:"screen_density="; fast_pattern; http.header_names; content:!"Referer|0d 0a|"; reference:md5,92608e6ff795862f83d891ad8337b387; classtype:trojan-activity; sid:2018520; rev:6; metadata:affected_product Android, attack_target Client_Endpoint, created_at 2014_06_04, deployment Perimeter, signature_severity Critical, tag Android, updated_at 2020_09_24;)

References

md5
92608e6ff795862f83d891ad8337b387
Google SearchBrave Search

Metadata

affected productAndroid
attack targetClient_Endpoint
created at2014_06_04
deploymentPerimeter
signature severityCritical
tagAndroid
updated at2020_09_24

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!