ET WEB_SERVER China Chopper WebShell Observed Outbound

SID: 2027341Rev: 40 views
History
Sourceet/open
CreatedMay 9, 2019
UpdatedNovember 18, 2020
Classificationtrojan-activity
alert http $HTTP_SERVERS any -> $EXTERNAL_NET any (msg:"ET WEB_SERVER China Chopper WebShell Observed Outbound"; flow:established,from_server; http.stat_code; content:"200"; file.data; content:"<%@|20|Page|20|Language=|22|Jscript|22|%><eval|28|Request.Item|5b|"; fast_pattern; content:"|22 29 3b|%>"; within:50; classtype:trojan-activity; sid:2027341; rev:4; metadata:created_at 2019_05_09, performance_impact Low, signature_severity Major, updated_at 2020_11_18;)

Metadata

created at2019_05_09
performance impactLow
signature severityMajor
updated at2020_11_18

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!