ET MALWARE MetaStealer Activity (Response)

SID: 2049282Rev: 163 viewsHistory

Sourceet/open

CreatedNovember 22, 2023

UpdatedNovember 22, 2023

Classificationtrojan-activity

alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET MALWARE MetaStealer Activity (Response)"; flow:established,to_client; content:"tempuri.org|2f|"; content:"|2f|MSValue"; within:20; content:"|7c 2a 2e 74 78 74 2c 2a 2e 64 6f 63 2a 2c 2a 2e 72 64 70|"; fast_pattern; distance:0; reference:md5,61a59a93261b2014dc310da23d1b99e1; reference:md5,cacc36c274c33415c479947893cb4631; classtype:trojan-activity; sid:2049282; rev:1; metadata:attack_target Client_Endpoint, created_at 2023_11_22, deployment Perimeter, performance_impact Low, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2023_11_22; target:dest_ip;)

References

md5	61a59a93261b2014dc310da23d1b99e1 Google Search Brave Search
md5	cacc36c274c33415c479947893cb4631 Google Search Brave Search

Metadata

attack targetClient_Endpoint

created at2023_11_22

deploymentPerimeter

performance impactLow

confidenceMedium

signature severityMajor

tagDescription_Generated_By_Proofpoint_Nexus

updated at2023_11_22

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!