ET MALWARE Volatile Cedar Win32.Explosive External IP Leak
Sourceet/open
CreatedMarch 31, 2015
UpdatedMarch 17, 2022
Classificationexternal-ip-check
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET MALWARE Volatile Cedar Win32.Explosive External IP Leak"; flow:established,from_server; file_data; content:"<span id=|22|lblIPBehindProxy|22|>{"; within:29; fast_pattern; reference:md5,cefed502aaf38ee0089c527e7f537eda; reference:url,checkpoint.com/downloads/volatile-cedar-technical-report.pdf; classtype:external-ip-check; sid:2020811; rev:4; metadata:created_at 2015_03_31, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2022_03_17;)
References
| md5 | cefed502aaf38ee0089c527e7f537eda |
| url | checkpoint.com/downloads/volatile-cedar-technical-report.pdf |
Metadata
created at2015_03_31
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2022_03_17
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!