ET MALWARE Win32/Hikit Server Authentication Response

SID: 2019621Rev: 30 viewsHistory

Sourceet/open

CreatedOctober 31, 2014

UpdatedOctober 8, 2019

Classificationtrojan-activity

alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Win32/Hikit Server Authentication Response"; flow:established; content:"ETag|3a 20|"; content:"75BCD15"; fast_pattern; pcre:"/^ETag\x3a\x20\x22\d+75BCD15\d+\x3a[a-f0-9]{1,6}/mi"; reference:url,www.novetta.com/files/9914/1446/8050/Hikit_Analysis-Final.pdf; classtype:trojan-activity; sid:2019621; rev:3; metadata:created_at 2014_10_31, malware_family Win32_Hikit, signature_severity Major, updated_at 2019_10_08;)

References

url	www.novetta.com/files/9914/1446/8050/Hikit_Analysis-Final.pdf

Metadata

created at2014_10_31

malware familyWin32_Hikit

signature severityMajor

updated at2019_10_08

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!