MALWARE [PTsecurity] Possible Observed Malicious SSL Cert (APT32)

SID: 11003554Rev: 10 views
Sourceptresearch/attackdetection
CreatedAugust 21, 2018
UpdatedAugust 21, 2018
Classificationtrojan-activity
alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"MALWARE [PTsecurity] Possible Observed Malicious SSL Cert (APT32)"; flow:established, to_client; content:"|300d06092a864886f70d01010b0500304a310b300906035504061302555331163014060355040a130d4c6574277320456e6372797074312330210603550403131a4c6574277320456e637279707420417574686f72697479205833301e170d313830|"; depth:300; flowbits:noalert; flowbits:set, FB658819_; classtype:trojan-activity; metadata:created_at 2018_8_21; reference:url, github.com/ptresearch/AttackDetection; sid:11003554; rev:1;)

References

urlgithub.com/ptresearch/AttackDetection

Metadata

created at2018_8_21

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!