ET MALWARE Possible Upatre SSL Cert July 14 2014

SID: 2018673Rev: 10 views
History
Sourceet/open
CreatedJuly 14, 2014
UpdatedJuly 26, 2019
Classificationtrojan-activity
alert tcp $EXTERNAL_NET 443 -> $HOME_NET any (msg:"ET MALWARE Possible Upatre SSL Cert July 14 2014"; flow:established,to_client; content:"|55 04 03|"; content:"|0f|groberts.com.au"; distance:1; within:16; content:"|2a 86 48 86 f7 0d 01 09 01|"; distance:0; content:"|13|info@dctreasure.com"; distance:1; within:20; reference:md5,9f48eb74687492978259edb8f79ac397; classtype:trojan-activity; sid:2018673; rev:1; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, created_at 2014_07_14, deployment Perimeter, malware_family Upatre, confidence Medium, signature_severity Critical, tag SSL_Malicious_Cert, tag Exploit_Kit, tag Downloader, tag Upatre, updated_at 2019_07_26;)

References

md5
9f48eb74687492978259edb8f79ac397
Google SearchBrave Search

Metadata

affected productWindows_XP_Vista_7_8_10_Server_32_64_Bit
attack targetClient_Endpoint
created at2014_07_14
deploymentPerimeter
malware familyUpatre
confidenceMedium
signature severityCritical
tagUpatre
updated at2019_07_26

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!