ET EXPLOIT_KIT Unknown Malicious Second Stage Download URI Struct Sept 15 2015

SID: 2021786Rev: 40 views
History
Sourceet/open
CreatedSeptember 16, 2015
UpdatedOctober 5, 2020
Classificationexploit-kit
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET EXPLOIT_KIT Unknown Malicious Second Stage Download URI Struct Sept 15 2015"; flow:established,to_server; urilen:>46; http.uri; content:".php?rnd="; fast_pattern; content:"&id="; pcre:"/\.php\?rnd=\d+&id=[0-9A-F]{32,}$/"; http.header_names; content:!"Referer|0d 0a|"; classtype:exploit-kit; sid:2021786; rev:4; metadata:created_at 2015_09_16, confidence Medium, signature_severity Major, updated_at 2020_10_05;)

Metadata

created at2015_09_16
confidenceMedium
signature severityMajor
updated at2020_10_05

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!