ET MALWARE W32/Upatre.Downloader Encoded Binary Download Request

SID: 2020294Rev: 30 viewsHistory

Sourceet/open

CreatedJanuary 23, 2015

UpdatedMay 14, 2020

Classificationtrojan-activity

alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE W32/Upatre.Downloader Encoded Binary Download Request"; flow:established,to_server; http.uri; content:"/mandoc/"; fast_pattern; depth:8; content:".pdf"; distance:0; http.header; content:"Accept|3A| text/*, application/*|0D 0A|User-Agent|3A 20|"; depth:43; reference:url,phishme.com/evolution-upatre-dyre/; classtype:trojan-activity; sid:2020294; rev:3; metadata:created_at 2015_01_23, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_05_14;)

References

url	phishme.com/evolution-upatre-dyre/

Metadata

created at2015_01_23

signature severityMajor

tagDescription_Generated_By_Proofpoint_Nexus

updated at2020_05_14

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!