#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET POLICY REG files version 4 download"; flow:established; content:"REGEDIT4"; content:"|0D 0A|"; distance:0; content:"["; distance:0; content:"HKEY_"; distance:0; nocase; reference:url,www.ss64.com/nt/regedit.html; reference:url,doc.emergingthreats.net/bin/view/Main/2000420; classtype:misc-activity; sid:2000420; rev:11; metadata:created_at 2010_07_30, updated_at 2010_07_30;)

Added 2017-08-07 20:55:13 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET POLICY REG files version 4 download"; flow:established; content:"REGEDIT4"; content:"|0D 0A|"; distance:0; content:"["; distance:0; content:"HKEY_"; distance:0; nocase; reference:url,www.ss64.com/nt/regedit.html; reference:url,doc.emergingthreats.net/bin/view/Main/2000420; classtype:misc-activity; sid:2000420; rev:11;)

Added 2011-10-12 19:09:37 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET POLICY REG files version 4 download"; flow:established; content:"REGEDIT4"; content:"|0D 0A|"; distance:0; content:"["; distance:0; content:"HKEY_"; distance:0; nocase; classtype: misc-activity; reference:url,www.ss64.com/nt/regedit.html; reference:url,doc.emergingthreats.net/bin/view/Main/2000420; sid:2000420; rev:11;)

Added 2011-09-15 14:46:10 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET POLICY REG files version 4 download"; flow:established; content:"REGEDIT4"; content:"|0D 0A|"; distance:0; content:"["; distance:0; content:"HKEY_"; distance:0; nocase; classtype: misc-activity; reference:url,www.ss64.com/nt/regedit.html; reference:url,doc.emergingthreats.net/bin/view/Main/2000420; sid:2000420; rev:11;)

Added 2011-09-14 20:34:52 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET POLICY REG files version 4 download"; flow:established; content:"REGEDIT4"; content:"|0D 0A|"; distance:0; content:"["; distance:0; content:"HKEY_"; distance:0; nocase; classtype: misc-activity; reference:url,www.ss64.com/nt/regedit.html; reference:url,doc.emergingthreats.net/bin/view/Main/2000420; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_Binary_Downloads; sid:2000420; rev:11;)

Added 2011-02-04 17:21:14 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET POLICY REG files version 4 download"; flow: established; content:"REGEDIT4"; content:"|0D 0A|"; content:"["; content:"HKEY_"; nocase; reference:url,www.ss64.com/nt/regedit.html; classtype: misc-activity; reference:url,doc.emergingthreats.net/bin/view/Main/2000420; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_Binary_Downloads; sid:2000420; rev:10;)

Added 2010-06-28 22:46:58 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET POLICY REG files version 4 download"; flow: established; content:"REGEDIT4"; content:"|0D 0A|"; content:"["; content:"HKEY_"; nocase; reference:url,www.ss64.com/nt/regedit.html; classtype: misc-activity; reference:url,doc.emergingthreats.net/bin/view/Main/2000420; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_Binary_Downloads; sid:2000420; rev:10;)

Added 2010-06-28 22:46:58 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET POLICY REG files version 4 download"; flow: established; content:"REGEDIT4"; content:"|0D 0A|"; content:"["; content:"HKEY_"; nocase; reference:url,www.ss64.com/nt/regedit.html; classtype: misc-activity; reference:url,doc.emergingthreats.net/bin/view/Main/2000420; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_Binary_Downloads; sid: 2000420; rev:10;)

Added 2009-02-10 20:53:04 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET POLICY REG files version 4 download"; flow: established; content:"REGEDIT4"; content:"|0D 0A|"; content:"["; content:"HKEY_"; nocase; reference:url,www.ss64.com/nt/regedit.html; classtype: misc-activity; reference:url,doc.emergingthreats.net/bin/view/Main/2000420; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_Binary_Downloads; sid: 2000420; rev:10;)

Added 2009-02-10 20:53:04 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET POLICY REG files version 4 download"; flow: established; content:"REGEDIT4"; content:"|0D 0A|"; content:"["; content:"HKEY_"; nocase; reference:url,www.ss64.com/nt/regedit.html; classtype: misc-activity; sid: 2000420; rev:9;)

Added 2008-02-03 12:54:27 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET POLICY REG files version 4 download"; flow: established; content:"REGEDIT4"; content:"|0D 0A|"; content:"["; content:"HKEY_"; nocase; reference:url,www.ss64.com/nt/regedit.html; classtype: misc-activity; sid: 2000420; rev:9;)

Added 2008-02-03 12:54:27 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET REG files version 4 download"; flow: established; content:"REGEDIT4"; content:"|0D 0A|"; content:"["; content:"HKEY_"; nocase; reference:url,www.ss64.com/nt/regedit.html; classtype: misc-activity; sid: 2000420; rev:8;)

Added 2008-01-31 18:48:08 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET REG files version 4 download"; flow: established; content:"REGEDIT4"; content:"|0D 0A|"; content:"["; content:"HKEY_"; nocase; reference:url,www.ss64.com/nt/regedit.html; classtype: misc-activity; sid: 2000420; rev:8;)

Added 2008-01-31 18:48:08 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg: "BLEEDING-EDGE REG files version 4 download"; flow: established; content:"REGEDIT4"; content:"|0D 0A|"; content:"["; content:"HKEY_"; nocase; reference:url,www.ss64.com/nt/regedit.html; classtype: misc-activity; sid: 2000420; rev:7; )



Topic revision: r1 - 2017-08-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats