ET MALWARE Win32/Plurox Backdoor CnC Checkin

SID: 2027506Rev: 40 views
History
Sourceet/open
CreatedJune 21, 2019
UpdatedNovember 11, 2020
Classificationcommand-and-control
alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Win32/Plurox Backdoor CnC Checkin"; flow:established,to_server; content:"|aa 95 82 71|"; depth:4; content:"|01 00 00 00 00 00 00 00|"; distance:4; within:8; content:"|95 82 71 aa 95 82 71|"; endswith; fast_pattern; reference:md5,c5b42399a6636de5014e2934ef08278f; reference:url,securelist.com/plurox-modular-backdoor/91213/; classtype:command-and-control; sid:2027506; rev:4; metadata:created_at 2019_06_21, malware_family Win32_Plurox, confidence Medium, signature_severity Major, updated_at 2020_11_11;)

References

md5
c5b42399a6636de5014e2934ef08278f
Google SearchBrave Search
urlsecurelist.com/plurox-modular-backdoor/91213/

Metadata

created at2019_06_21
malware familyWin32_Plurox
confidenceMedium
signature severityMajor
updated at2020_11_11

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!