#alert udp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET DELETED Mitglieder Proxy Trojan CnC?"; dsize:2; byte_test:2, >, 1024, 0; threshold:type both, track by_src, count 1000, seconds 300; reference:url,www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?name=Win32%2fMitglieder; classtype:trojan-activity; sid:2013418; rev:5; metadata:created_at 2011_08_17, updated_at 2011_08_17;)

Added 2017-08-07 21:06:43 UTC


##alert udp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET DELETED Mitglieder Proxy Trojan CnC?"; dsize:2; byte_test:2, >, 1024, 0; threshold:type both, track by_src, count 1000, seconds 300; reference:url,www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?name=Win32%2fMitglieder; classtype:trojan-activity; sid:2013418; rev:5;)

Added 2012-01-09 22:46:50 UTC


alert udp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Mitglieder Proxy Trojan CnC?"; dsize:2; byte_test:2, >, 1024, 0; threshold:type both, track by_src, count 1000, seconds 300; reference:url,www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?name=Win32%2fMitglieder; classtype:trojan-activity; sid:2013418; rev:5;)

Added 2011-10-12 19:36:48 UTC


alert udp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Mitglieder Proxy Trojan CnC?"; dsize:2; byte_test:2, >, 1024, 0; threshold:type both, track by_src, count 1000, seconds 300; classtype:trojan-activity; reference:url,www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?name=Win32%2fMitglieder; sid:2013418; rev:5;)

Added 2011-08-20 07:22:16 UTC


alert udp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Mitglieder Proxy Trojan CnC?"; dsize:2; byte_test:2, >, 1024, 0; threshold:type both, track by_src, count 1000, seconds 300; classtype:trojan-activity; reference:url,www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?name=Win32%2fMitglieder; sid:2013418; rev:5;)

Added 2011-08-19 16:53:11 UTC


alert udp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Mitglieder Proxy Trojan CnC?"; dsize:2; byte_test:2, >, 1024, 0; threshold:type both, track by_src, count 100, seconds 300; classtype:trojan-activity; reference:url,www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?name=Win32%2fMitglieder; sid:2013418; rev:3;)

Added 2011-08-17 22:53:22 UTC


Topic revision: r1 - 2017-08-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats