ET MALWARE Possible Adwind/jSocket SSL Cert (assylias.Inc)

SID: 2020728Rev: 40 views
History
Sourceet/open
CreatedMarch 23, 2015
UpdatedApril 18, 2022
Classificationtrojan-activity
alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET MALWARE Possible Adwind/jSocket SSL Cert (assylias.Inc)"; flow:established,to_client; tls.cert_serial; content:"1F:23:9D:BD"; tls.cert_subject; content:"O=assylias.Inc"; fast_pattern; reference:md5,4e5c28fab23b35dea2d48a1c2db32b56; reference:md5,b102c26e04e97bda97b11bfe7366e61e; classtype:trojan-activity; sid:2020728; rev:4; metadata:attack_target Client_Endpoint, created_at 2015_03_23, deployment Perimeter, confidence Medium, signature_severity Major, tag SSL_Malicious_Cert, updated_at 2022_04_18, reviewed_at 2024_03_27;)

References

md5
4e5c28fab23b35dea2d48a1c2db32b56
Google SearchBrave Search
md5
b102c26e04e97bda97b11bfe7366e61e
Google SearchBrave Search

Metadata

attack targetClient_Endpoint
created at2015_03_23
deploymentPerimeter
confidenceMedium
signature severityMajor
tagSSL_Malicious_Cert
updated at2022_04_18
reviewed at2024_03_27

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!