ET JA3 Hash - Possible Malware - Eitest Chrome Popup - Suricata Rule 2028367 (et/open)

ET JA3 Hash - Possible Malware - Eitest Chrome Popup

SID: 2028367Rev: 31 viewsHistory

Sourceet/open

CreatedSeptember 10, 2019

UpdatedJune 12, 2024

Classificationunknown

alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"ET JA3 Hash - Possible Malware - Eitest Chrome Popup"; ja3_hash; content:"098f55e27d8c4b0a590102cbdb3a5f3a"; reference:url,github.com/trisulnsm/trisul-scripts/blob/master/lua/frontend_scripts/reassembly/ja3/prints/ja3fingerprint.json; reference:url,www.malware-traffic-analysis.net; classtype:unknown; sid:2028367; rev:3; metadata:created_at 2019_09_10, deprecation_reason Duplicate, confidence Low, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_06_12;)

References

url	github.com/trisulnsm/trisul-scripts/blob/master/lua/frontend_scripts/reassembly/ja3/prints/ja3fingerprint.json
url	www.malware-traffic-analysis.net

Metadata

created at2019_09_10

deprecation reasonDuplicate

confidenceLow

signature severityMajor

tagDescription_Generated_By_Proofpoint_Nexus

updated at2024_06_12

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!