ET SCAN ELF/Mirai Variant UDP (Inbound) M2

SID: 2058708Rev: 135 views
Sourceet/open
CreatedDecember 31, 2024
UpdatedDecember 31, 2024
Classificationtrojan-activity
alert udp $EXTERNAL_NET any -> any any (msg:"ET SCAN ELF/Mirai Variant UDP (Inbound) M2"; content:"|A5 E4 43 C7 00 3F 10 16 01 12 2F F8 3C E1 D0 5D 49 2A 43 A4 25 77 00 00 00 F2 60 25 D8 FF FF FF FF F4 6D 89 0B DC 36 47 F7 3A A5 38 8D|"; reference:url,rruzi.github.io/In-depth-Analysis-of-a-New-Mirai-Variant; reference:url,community.emergingthreats.net/t/et-scan-elf-mirai-variant/2303; classtype:trojan-activity; sid:2058708; rev:1; metadata:affected_product Linux, created_at 2024_12_31, confidence High, signature_severity Major, tag IoT, updated_at 2024_12_31; target:dest_ip;)

References

urlrruzi.github.io/In-depth-Analysis-of-a-New-Mirai-Variant
urlcommunity.emergingthreats.net/t/et-scan-elf-mirai-variant/2303

Metadata

affected productLinux
created at2024_12_31
confidenceHigh
signature severityMajor
tagIoT
updated at2024_12_31

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!