ET MALWARE Possible Malicious Invoice EXE

SID: 2019158Rev: 70 viewsHistory

Sourceet/open

CreatedSeptember 11, 2014

UpdatedOctober 9, 2020

Classificationtrojan-activity

alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Possible Malicious Invoice EXE"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/invoice"; nocase; fast_pattern; pcre:"/\/invoice[^a-z\/]*?\.(?:exe|zip|7z|rar|com|vbs|ps1)$/i"; reference:md5,bdf12366779ce94178c2d1e495565d2b; classtype:trojan-activity; sid:2019158; rev:7; metadata:created_at 2014_09_11, confidence Medium, signature_severity Major, updated_at 2020_10_09;)

References

md5	bdf12366779ce94178c2d1e495565d2b Google Search Brave Search

Metadata

created at2014_09_11

confidenceMedium

signature severityMajor

updated at2020_10_09

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!