ET MALWARE Duuzer Checkin

SID: 2022000Rev: 10 views
History
Sourceet/open
CreatedOctober 26, 2015
UpdatedJuly 26, 2019
Classificationcommand-and-control
alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Duuzer Checkin"; flow:established,to_server; content:"|32 a3 56 bb 47 4f 32 00|"; depth:8; fast_pattern; content:"|30 b9 00 00|"; distance:3; within:4; reference:url,symantec.com/connect/blogs/duuzer-back-door-trojan-targets-south-korea-take-over-computers; reference:md5,cd7a72be9c16c2ece1140bc461d6226d; classtype:command-and-control; sid:2022000; rev:1; metadata:created_at 2015_10_26, confidence Medium, signature_severity Major, updated_at 2019_07_26;)

References

urlsymantec.com/connect/blogs/duuzer-back-door-trojan-targets-south-korea-take-over-computers
md5
cd7a72be9c16c2ece1140bc461d6226d
Google SearchBrave Search

Metadata

created at2015_10_26
confidenceMedium
signature severityMajor
updated at2019_07_26

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!