ET EXPLOIT_KIT Evil Redirector Leading to EK Sep 20 2016

SID: 2023252Rev: 20 views
History
Sourceet/open
CreatedSeptember 20, 2016
UpdatedJuly 26, 2019
Classificationexploit-kit
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT_KIT Evil Redirector Leading to EK Sep 20 2016"; flow:established,from_server; file_data; content:"Base64.encode(rc4("; nocase; fast_pattern; content:"+|22 3a|timeDelta|2c 22|+"; nocase; content:"cfg.key|29 29|"; nocase; distance:0; pcre:"/^[\x3b\x2c]postRequest\x28cfg\.urlSoftDetectorCallback/Ri"; classtype:exploit-kit; sid:2023252; rev:2; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, affected_product Web_Browser_Plugins, attack_target Client_Endpoint, created_at 2016_09_20, deployment Perimeter, malware_family EvilTDS, malware_family Malvertising, performance_impact Low, confidence High, signature_severity Major, tag Redirector, updated_at 2019_07_26;)

Metadata

affected productWeb_Browser_Plugins
attack targetClient_Endpoint
created at2016_09_20
deploymentPerimeter
malware familyMalvertising
performance impactLow
confidenceHigh
signature severityMajor
tagRedirector
updated at2019_07_26

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!