MALWARE [PTsecurity] AES.DDoS.Dofloo

SID: 10004701Rev: 10 views
Sourceptresearch/attackdetection
CreatedApril 11, 2019
UpdatedApril 11, 2019
Classificationtrojan-activity
alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"MALWARE [PTsecurity] AES.DDoS.Dofloo"; flow:established, to_server; dsize:20; content:"|49 4e 46 4f 3a 30 2e 30 25 7c 30 2e 30|"; depth:13; content:"|20 4d 62 70 73 00|"; distance:1; within:6; classtype:trojan-activity; metadata:created_at 2019_04_11; reference:url, github.com/ptresearch/AttackDetection; sid:10004701; rev:1;)

References

urlgithub.com/ptresearch/AttackDetection

Metadata

created at2019_04_11

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!