alert tcp $HOME_NET any -> 11.11.11.11 55611 (msg:"ET TROJAN W32/Badlib Connectivity Check To Department of Defense Intelligence Information Systems"; flow:to_server; flags:S; reference:url,blog.eset.com/2011/08/03/win32delf-qcztrust-me-i%E2%80%99m-your-anti-virus; reference:url,www.eset.com/about/blog/blog/article/win32delf-qcz-additional-details; classtype:trojan-activity; sid:2013506; rev:1;)

Added 2011-10-12 19:37:03 UTC


alert tcp $HOME_NET any -> 11.11.11.11 55611 (msg:"ET TROJAN W32/Badlib Connectivity Check To Department of Defense Intelligence Information Systems"; flow:to_server; flags:S; classtype:trojan-activity; reference:url,blog.eset.com/2011/08/03/win32delf-qcztrust-me-i%E2%80%99m-your-anti-virus; reference:url,www.eset.com/about/blog/blog/article/win32delf-qcz-additional-details; sid:2013506; rev:1;)

Added 2011-09-06 17:33:28 UTC


Topic revision: r1 - 2011-10-12 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats