#alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET DELETED Possible CVE-2011-2110 Flash Exploit Campaign Log.txt Request"; flow:established,to_server; content:"GET"; http_method; content:"/log.txt"; http_uri; content:"|2E|swf?info=02"; http_header; reference:cve,2011-2110; reference:url,blog.fireeye.com/research/2011/06/old-wine-in-a-new-bottle.html; classtype:trojan-activity; sid:2013113; rev:4; metadata:created_at 2011_06_23, updated_at 2011_06_23;)

Added 2017-08-07 21:06:21 UTC


#alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET DELETED Possible CVE-2011-2110 Flash Exploit Campaign Log.txt Request"; flow:established,to_server; content:"GET"; http_method; content:"/log.txt"; http_uri; content:"|2E|swf?info=02"; http_header; reference:cve,2011-2110; reference:url,blog.fireeye.com/research/2011/06/old-wine-in-a-new-bottle.html; classtype:trojan-activity; sid:2013113; rev:4;)

Added 2014-09-15 18:30:46 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET CURRENT_EVENTS Possible CVE-2011-2110 Flash Exploit Campaign Log.txt Request"; flow:established,to_server; content:"GET"; http_method; content:"/log.txt"; http_uri; content:"|2E|swf?info=02"; http_header; reference:cve,2011-2110; reference:url,blog.fireeye.com/research/2011/06/old-wine-in-a-new-bottle.html; classtype:trojan-activity; sid:2013113; rev:2;)

Added 2011-10-12 19:36:05 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET CURRENT_EVENTS Possible CVE-2011-2110 Flash Exploit Capaign Log.txt Request"; flow:established,to_server; content:"GET"; http_method; content:"/log.txt"; http_uri; content:"|2E|swf?info=02"; http_header; classtype:trojan-activity; reference:cve,2011-2110; reference:url,blog.fireeye.com/research/2011/06/old-wine-in-a-new-bottle.html; sid:2013113; rev:1;)

Added 2011-06-24 10:34:23 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET CURRENT_EVENTS Possible CVE-2011-2110 Flash Exploit Capaign Log.txt Request"; flow:established,to_server; content:"GET"; http_method; content:"/log.txt"; http_uri; content:"|2E|swf?info=02"; http_header; classtype:trojan-activity; reference:cve,2011-2110; reference:url,blog.fireeye.com/research/2011/06/old-wine-in-a-new-bottle.html; sid:2013113; rev:1;)

Added 2011-06-23 18:48:25 UTC


Topic revision: r1 - 2017-08-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats