AT related malicious URL (mail-server-supportmy-yiscx80byz.zh-cn.edgeone.cool/?eo_token=251d47fbeeb8fb4c806ddb1af5fb30c1)

SID: 6006138Rev: 10 views
Sourcejulioliraup/antiphishing
CreatedMay 24, 2026
UpdatedMay 24, 2026
Classificationsocial-engineering
alert http $HOME_NET any -> any any (msg:"AT related malicious URL (mail-server-supportmy-yiscx80byz.zh-cn.edgeone.cool/?eo_token=251d47fbeeb8fb4c806ddb1af5fb30c1)"; flow:established,to_server; http.uri; content:"/?eo_token=251d47fbeeb8fb4c806ddb1af5fb30c1"; startswith; fast_pattern; http.host; content:"mail-server-supportmy-yiscx80byz.zh-cn.edgeone.cool"; endswith; reference:url,openphish.com; reference:url,julioliraup.github.io/ET/signature.html?sid=6006138; classtype:social-engineering; sid:6006138; rev:1; metadata:signature_severity Major, created_et 2026_05_24;)

References

urlopenphish.com
urljulioliraup.github.io/ET/signature.html?sid=6006138

Metadata

signature severityMajor
created et2026_05_24

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!