ET MALWARE Win32.Chroject.B ClickFraud Request

SID: 2020750Rev: 50 views
History
Sourceet/open
CreatedMarch 26, 2015
UpdatedMay 19, 2020
Classificationtrojan-activity
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Win32.Chroject.B ClickFraud Request"; flow:to_server,established; http.method; content:"GET"; http.uri; content:"/item/fmt?ct="; depth:13; fast_pattern; http.referer; pcre:"/^http\x3a\/\/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\/[a-z_-]+\/(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=|[A-Za-z0-9+/]{4})\r?$/i"; reference:md5,586ad13656f4595723b481d77b6bfb09; classtype:trojan-activity; sid:2020750; rev:5; metadata:created_at 2015_03_26, signature_severity Major, updated_at 2020_05_19;)

References

md5
586ad13656f4595723b481d77b6bfb09
Google SearchBrave Search

Metadata

created at2015_03_26
signature severityMajor
updated at2020_05_19

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!