AT related malicious URL (strosin.fujiwar.site/redirect.html/?x=b2Q9MXN5aTZhMGI3MjE3NDZjNTd0MHRfb3V0dmxfUHJlbWl1bQ%3D%3D&amp\;v=NmtxeHA2&amp\;q=QzAwMDByZng4eXkydnluMDBnX3g0MTU5Nw%3D%3D&amp\;o=Zng4eXk%3D&amp\;u=Zng4eXk%3D&amp\;k=Zng4eXk%3D&amp\;m=X3g0&amp\;c=&amp\;l=&amp\;a=X3g0&amp\;r=X3g0&amp\;t=&amp\;y=X3g0&amp\;s=&amp\;b=X3g0M2w0dmgtMGx1M2htMg==4j3dDX)

SID: 6003601Rev: 10 views
Sourcejulioliraup/antiphishing
CreatedMay 22, 2026
UpdatedMay 22, 2026
Classificationsocial-engineering
alert http $HOME_NET any -> any any (msg:"AT related malicious URL (strosin.fujiwar.site/redirect.html/?x=b2Q9MXN5aTZhMGI3MjE3NDZjNTd0MHRfb3V0dmxfUHJlbWl1bQ%3D%3D&amp\;v=NmtxeHA2&amp\;q=QzAwMDByZng4eXkydnluMDBnX3g0MTU5Nw%3D%3D&amp\;o=Zng4eXk%3D&amp\;u=Zng4eXk%3D&amp\;k=Zng4eXk%3D&amp\;m=X3g0&amp\;c=&amp\;l=&amp\;a=X3g0&amp\;r=X3g0&amp\;t=&amp\;y=X3g0&amp\;s=&amp\;b=X3g0M2w0dmgtMGx1M2htMg==4j3dDX)"; flow:established,to_server; http.uri; content:"/redirect.html/?x=b2Q9MXN5aTZhMGI3MjE3NDZjNTd0MHRfb3V0dmxfUHJlbWl1bQ%3D%3D&amp|3b|v=NmtxeHA2&amp|3b|q=QzAwMDByZng4eXkydnluMDBnX3g0MTU5Nw%3D%3D&amp|3b|o=Zng4eXk%3D&amp|3b|u=Zng4eXk%3D&amp|3b|k=Zng4eXk%3D&amp|3b|m=X3g0&amp|3b|c=&amp|3b|l=&amp|3b|a=X3g0&amp|3b|r=X3g0&amp|3b|t=&amp|3b|y=X3g0&amp|3b|s=&amp|3b|b=X3g0M2w0dmgtMGx1M2htMg==4j3dDX"; startswith; fast_pattern; http.host; content:"strosin.fujiwar.site"; endswith; reference:url,openphish.com; reference:url,julioliraup.github.io/ET/signature.html?sid=6003601; classtype:social-engineering; sid:6003601; rev:1; metadata:signature_severity Major, created_et 2026_05_19;)

References

urlopenphish.com
urljulioliraup.github.io/ET/signature.html?sid=6003601

Metadata

signature severityMajor
created et2026_05_19

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!