MALWARE [PTsecurity] Onion.casa SSL Certificate Observed

SID: 11002667Rev: 00 views
Sourceptresearch/attackdetection
CreatedMarch 13, 2018
UpdatedMarch 13, 2018
Classificationpolicy-violation
alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"MALWARE [PTsecurity] Onion.casa SSL Certificate Observed"; content:"|30 3A 31 21 30 1F 06 0355 04 0B 13 18 44 6F 6D 61 69 6E 20 43 6F 6E 7472 6F 6C 20 56 61 6C 69 64 61 74 65 64 31 15 3013 06 03 55 04 03 0C 0C 2A 2E 6F 6E 69 6F 6E 2E63 61 73 61|"; flowbits:set,FB513376_; flowbits:noalert; classtype:policy-violation; metadata:created_at 2018_3_13; reference:url, github.com/ptresearch/AttackDetection; sid:11002667;)

References

urlgithub.com/ptresearch/AttackDetection

Metadata

created at2018_3_13

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!