🐾 - 💀 HTTP connection to malicious url seen in more 35K Github repositories

SID: 3300694Rev: 10 views
Sourcepawpatrules
CreatedAugust 3, 2022
UpdatedAugust 3, 2022
Classificationtrojan-activity
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"🐾 - 💀 HTTP connection to malicious url seen in more 35K Github repositories"; flow:to_server, stateless; threshold:type limit, track by_src,count 1, seconds 3600; http.host.raw; content:"ovz1.j19544519.pr46m.vps.myjino.ru"; reference:url,https://twitter.com/stephenlacy/status/1554697077430505473; metadata:created_at 2022_08_03, updated_at 2022_08_03; sid:3300694; rev:1; classtype:trojan-activity;)

References

urlhttps://twitter.com/stephenlacy/status/1554697077430505473

Metadata

created at2022_08_03
updated at2022_08_03

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!