alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET POLICY GridinSoft?.com Software Version Check"; flow:established,to_server; content:"User-Agent|3A 20|GridinSoft"; http_header; classtype:trojan-activity; sid:2013719; rev:3; metadata:created_at 2011_09_30, updated_at 2011_09_30;)

Added 2017-08-07 21:06:58 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET POLICY GridinSoft?.com Software Version Check"; flow:established,to_server; content:"User-Agent|3A 20|GridinSoft"; http_header; classtype:trojan-activity; sid:2013719; rev:2;)

Added 2011-12-16 18:54:26 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN FakeAV? User-Agent (GridinSoft?)"; flow:established,to_server; content:"User-Agent|3A 20|GridinSoft"; http_header; classtype:trojan-activity; sid:2013719; rev:1;)

Added 2011-10-12 19:37:23 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN FakeAV? User-Agent (GridinSoft?)"; flow:established,to_server; content:"User-Agent|3A 20|GridinSoft"; http_header; classtype:trojan-activity; sid:2013719; rev:1;)

Added 2011-09-30 17:45:56 UTC


Topic revision: r1 - 2017-08-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats