ET MALWARE Possible Dridex e-mail inbound

SID: 2020351Rev: 30 views
History
Sourceet/open
CreatedFebruary 3, 2015
UpdatedMarch 7, 2024
Classificationbad-unknown
alert smtp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET MALWARE Possible Dridex e-mail inbound"; flow:established,to_server; content:"<no-replay"; fast_pattern; content:"User-Agent|3a 20|Roundcube"; classtype:bad-unknown; sid:2020351; rev:3; metadata:created_at 2015_02_03, confidence Medium, signature_severity Major, updated_at 2024_03_07;)

Metadata

created at2015_02_03
confidenceMedium
signature severityMajor
updated at2024_03_07

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!