EditAttachPrintable
r2 - 05 Mar 2008 - 18:03:00 - MattJonkmanYou are here: TWiki >  Main Web > 2007918

alert tcp $HOME_NET any -> $EXTERNAL_NET 1024: (msg:"ET TROJAN Dropper-497 (Yumato) System Stats Report"; flow:established,to_server; content:"|00 00 00 83|"; depth:4; content:""; content:"<"; distance:0; content:""; content:"<"; distance:0; classtype:trojan-activity; reference:url,doc.emergingthreats.net/bin/view/Main/TrojanDropper497; sid:2007918; rev:1;)

Added 2008-03-05 12:58:53 UTC

See TrojanDropper497

-- MattJonkman - 05 Mar 2008

 

Edit | Attach | Printable | Raw View | Backlinks: Web, All Webs | History: r2 < r1 | More topic actions
 
Emerging Threats
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback