ET EXPLOIT_KIT DRIVEBY [PwC CTD] -- MultiGroup - ScanBox Watering Hole function return value

SID: 2020562Rev: 50 views
Sourceet/open
CreatedFebruary 25, 2015
UpdatedJuly 26, 2019
Classificationexploit-kit
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT_KIT DRIVEBY [PwC CTD] -- MultiGroup - ScanBox Watering Hole function return value"; flow:established,from_server; file_data; content:"return ((!a) ? 'x-'|3a| a) + Math.floor(Math.random() * 99999|29 3b|"; reference:url,pwc.blogs.com/cyber_security_updates/2014/10/scanbox-framework-whosaffected-and-whos-using-it-1.html; classtype:exploit-kit; sid:2020562; rev:5; metadata:affected_product Any, attack_target Client_Endpoint, created_at 2015_02_25, deployment Perimeter, signature_severity Major, tag DriveBy, updated_at 2019_07_26;)

References

urlpwc.blogs.com/cyber_security_updates/2014/10/scanbox-framework-whosaffected-and-whos-using-it-1.html

Metadata

affected productAny
attack targetClient_Endpoint
created at2015_02_25
deploymentPerimeter
signature severityMajor
tagDriveBy
updated at2019_07_26

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!