REMOTE [PTsecurity] Orcus

SID: 10003868Rev: 629 views
History
Sourceptrules/open
CreatedOctober 9, 2025
UpdatedOctober 9, 2025
Classificationtrojan-activity
alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"REMOTE [PTsecurity] Orcus"; flow:established, to_client; content:"|308201c730820130a00302010202|"; depth:600; content:"|164F72637573536572766572436572746966696361746530|"; within:600; fast_pattern; reference:url, rules.ptsecurity.com; classtype:trojan-activity; sid:10003868; rev:6;)

References

urlrules.ptsecurity.com

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!