ET MALWARE Pingback Exec Command Issued

SID: 2032919Rev: 20 views
History
Sourceet/open
CreatedMay 5, 2021
UpdatedMay 10, 2021
Classificationtrojan-activity
alert icmp $HOME_NET any -> any any (msg:"ET MALWARE Pingback Exec Command Issued"; dsize:>787; itype:8; content:"exec"; depth:4; reference:url,www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/backdoor-at-the-end-of-the-icmp-tunnel/; reference:md5,264c2ede235dc7232d673d4748437969; classtype:trojan-activity; sid:2032919; rev:2; metadata:attack_target Client_Endpoint, created_at 2021_05_05, deployment Perimeter, performance_impact Low, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2021_05_10;)

References

urlwww.trustwave.com/en-us/resources/blogs/spiderlabs-blog/backdoor-at-the-end-of-the-icmp-tunnel/
md5
264c2ede235dc7232d673d4748437969
Google SearchBrave Search

Metadata

attack targetClient_Endpoint
created at2021_05_05
deploymentPerimeter
performance impactLow
confidenceHigh
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2021_05_10

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!