ET DELETED Likely Malicious Redirect SSL Cert

SID: 2021415Rev: 30 views
History
Sourceet/open
CreatedJuly 15, 2015
UpdatedSeptember 10, 2019
Classificationtrojan-activity
alert tls $EXTERNAL_NET 443 -> $HOME_NET any (msg:"ET DELETED Likely Malicious Redirect SSL Cert"; flow:established,from_server; content:"|55 04 03|"; content:"|10|mixticmotion.com"; distance:1; within:17; classtype:trojan-activity; sid:2021415; rev:3; metadata:attack_target Client_Endpoint, created_at 2015_07_15, deployment Perimeter, signature_severity Major, tag SSL_Malicious_Cert, updated_at 2019_09_10;)

Metadata

attack targetClient_Endpoint
created at2015_07_15
deploymentPerimeter
signature severityMajor
tagSSL_Malicious_Cert
updated at2019_09_10

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!