AT related malicious URL (webmail465163 .kmdastur .co/r?auth=f5ebb7e0ec4b860d&u=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS91cmw/cT1odHRwcyUzQSUyRiUyRndlYm1haWxzMzkuZmlsZ2h0LWNhbC5jb20lMkZvdXRsb29rZW5jcnB0JnNhPUQmc250ej0xJnVzZz1BT3ZWYXczdTc0Rkh5RzZOVktrNmtna0VmNUR5I3Rrb2VubmluZ0BjbHRob21hcy5jb21nbGUuY29t)

SID: 6001562Rev: 20 views
Sourcejulioliraup/antiphishing
CreatedMay 22, 2026
UpdatedMay 22, 2026
Classificationsocial-engineering
alert http $HOME_NET any -> any any (msg:"AT related malicious URL (webmail465163 .kmdastur .co/r?auth=f5ebb7e0ec4b860d&u=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS91cmw/cT1odHRwcyUzQSUyRiUyRndlYm1haWxzMzkuZmlsZ2h0LWNhbC5jb20lMkZvdXRsb29rZW5jcnB0JnNhPUQmc250ej0xJnVzZz1BT3ZWYXczdTc0Rkh5RzZOVktrNmtna0VmNUR5I3Rrb2VubmluZ0BjbHRob21hcy5jb21nbGUuY29t)"; flow:established,to_server; http.uri; content:"/r?auth=f5ebb7e0ec4b860d&u=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS91cmw/cT1odHRwcyUzQSUyRiUyRndlYm1haWxzMzkuZmlsZ2h0LWNhbC5jb20lMkZvdXRsb29rZW5jcnB0JnNhPUQmc250ej0xJnVzZz1BT3ZWYXczdTc0Rkh5RzZOVktrNmtna0VmNUR5I3Rrb2VubmluZ0BjbHRob21hcy5jb21nbGUuY29t"; startswith; fast_pattern; http.host; content:"webmail465163.kmdastur.co"; endswith; reference:url,openphish.com; reference:url,github.com/julioliraup/Antiphishing; reference:url,julioliraup.github.io/ET/signature.html?sid=6001562; classtype:social-engineering; sid:6001562; rev:2; metadata:signature_severity Major, created_et 2026_05_11, updated_et 2025_05_11;)

References

urlopenphish.com
urlgithub.com/julioliraup/Antiphishing
urljulioliraup.github.io/ET/signature.html?sid=6001562

Metadata

signature severityMajor
created et2026_05_11
updated et2025_05_11

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!