ET EXPLOIT_KIT DRIVEBY [PwC CTD] -- MultiGroup - ScanBox and Targetted Watering Holes ActiveX Call

SID: 2020560Rev: 30 views
Sourceet/open
CreatedFebruary 24, 2015
UpdatedJuly 26, 2019
Classificationexploit-kit
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT_KIT DRIVEBY [PwC CTD] -- MultiGroup - ScanBox and Targetted Watering Holes ActiveX Call"; flow:established,from_server; file_data; content:"var version|3b|var ax|3b|var e|3b|try{axo=new ActiveXObject"; reference:url,pwc.blogs.com/cyber_security_updates/2014/10/scanbox-framework-whosaffected-and-whos-using-it-1.html; classtype:exploit-kit; sid:2020560; rev:3; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, affected_product Any, attack_target Client_Endpoint, created_at 2015_02_24, deployment Perimeter, signature_severity Major, tag ActiveX, tag DriveBy, updated_at 2019_07_26;)

References

urlpwc.blogs.com/cyber_security_updates/2014/10/scanbox-framework-whosaffected-and-whos-using-it-1.html

Metadata

affected productAny
attack targetClient_Endpoint
created at2015_02_24
deploymentPerimeter
signature severityMajor
tagDriveBy
updated at2019_07_26

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!