alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET HUNTING Suspicious GET Request for .x64"; flow:established,to_server; http.method; content:"GET"; http.uri; content:".x64"; endswith; fast_pattern; http.header_names; content:!"Referer"; classtype:bad-unknown; sid:2032925; rev:1; metadata:affected_product Linux, affected_product IoT, attack_target Client_Endpoint, created_at 2021_05_10, deployment Perimeter, confidence Medium, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2021_05_10;)