alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX Sony DRM - Uninstaller CLSID"; flow:from_server,established; content:"CLSID"; nocase; pcre:"/1F1EB85B-0FE9-401D-BC53-10803CF880A7|7965A6FD-B383-4658-A8E0-C78DCF2D0E63|9A60A782-282B-4D69-9B2A-0945D588A125|80E8743E-8AC5-46F1-96A0-59FA30740C51/Ri"; reference:url,www.freedom-to-tinker.com/?p=931; reference:url,www.frsirt.com/english/advisories/2005/2493; reference:url,www.microsoft.com/technet/security/bulletin/ms05-054.mspx; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2002680; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Sony_DRM; sid:2002680; rev:7;) Added 2009-02-16 21:46:09 UTC
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX Sony DRM - Uninstaller CLSID"; flow:from_server,established; content:"CLSID"; nocase; pcre:"/1F1EB85B-0FE9-401D-BC53-10803CF880A7|7965A6FD-B383-4658-A8E0-C78DCF2D0E63|9A60A782-282B-4D69-9B2A-0945D588A125|80E8743E-8AC5-46F1-96A0-59FA30740C51/Ri"; reference:url,www.freedom-to-tinker.com/?p=931; reference:url,www.frsirt.com/english/advisories/2005/2493; reference:url,www.microsoft.com/technet/security/bulletin/ms05-054.mspx; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2002680; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Sony_DRM; sid:2002680; rev:7;) Added 2009-02-16 21:46:09 UTC
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX Sony DRM - Uninstaller CLSID"; flow:from_server,established; content:"CLSID"; nocase; pcre:"/1F1EB85B-0FE9-401D-BC53-10803CF880A7|7965A6FD-B383-4658-A8E0-C78DCF2D0E63|9A60A782-282B-4D69-9B2A-0945D588A125|80E8743E-8AC5-46F1-96A0-59FA30740C51/Ri"; reference:url,www.freedom-to-tinker.com/?p=931; reference:url,www.frsirt.com/english/advisories/2005/2493; reference:url,www.microsoft.com/technet/security/bulletin/ms05-054.mspx; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2002680; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Sony_DRM; sid:2002680; rev:7;) Added 2009-02-16 21:45:24 UTC
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX Sony DRM - Uninstaller CLSID"; flow:from_server,established; content:"CLSID"; nocase; pcre:"/1F1EB85B-0FE9-401D-BC53-10803CF880A7|7965A6FD-B383-4658-A8E0-C78DCF2D0E63|9A60A782-282B-4D69-9B2A-0945D588A125|80E8743E-8AC5-46F1-96A0-59FA30740C51/Ri"; reference:url,www.freedom-to-tinker.com/?p=931; reference:url,www.frsirt.com/english/advisories/2005/2493; reference:url,www.microsoft.com/technet/security/bulletin/ms05-054.mspx; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2002680; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Sony_DRM; sid:2002680; rev:7;) Added 2009-02-16 21:45:24 UTC
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX Sony DRM - Uninstaller CLSID"; flow:from_server,established; content:"CLSID"; nocase; pcre:"/1F1EB85B-0FE9-401D-BC53-10803CF880A7|7965A6FD-B383-4658-A8E0-C78DCF2D0E63|9A60A782-282B-4D69-9B2A-0945D588A125|80E8743E-8AC5-46F1-96A0-59FA30740C51/Ri"; reference:url,www.freedom-to-tinker.com/?p=931; reference:url,www.frsirt.com/english/advisories/2005/2493; reference:url,www.microsoft.com/technet/security/bulletin/ms05-054.mspx; classtype:web-application-attack; sid:2002680; rev:6;) Added 2008-11-25 09:49:36 UTC
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX Sony DRM - Uninstaller CLSID"; flow:from_server,established; content:"CLSID"; nocase; pcre:"/1F1EB85B-0FE9-401D-BC53-10803CF880A7|7965A6FD-B383-4658-A8E0-C78DCF2D0E63|9A60A782-282B-4D69-9B2A-0945D588A125|80E8743E-8AC5-46F1-96A0-59FA30740C51/Ri"; reference:url,www.freedom-to-tinker.com/?p=931; reference:url,www.frsirt.com/english/advisories/2005/2493; reference:url,www.microsoft.com/technet/security/bulletin/ms05-054.mspx; classtype:web-application-attack; sid:2002680; rev:6;) Added 2008-11-25 09:49:36 UTC
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX Sony DRM - Uninstaller CLSID"; flow:from_server,established; content:"CLSID"; nocase; pcre:"/1F1EB85B-0FE9-401D-BC53-10803CF880A7|7965A6FD-B383-4658-A8E0-C78DCF2D0E63|9A60A782-282B-4D69-9B2A-0945D588A125|80E8743E-8AC5-46F1-96A0-59FA30740C51/Ri"; reference:url,www.freedom-to-tinker.com/?p=931; reference:url,www.frsirt.com/english/advisories/2005/2493; reference:url,www.microsoft.com/technet/security/bulletin/ms05-054.mspx; classtype:web-application-attack; sid:2002680; rev:6;) Added 2008-11-25 09:45:22 UTC
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX Sony DRM - Uninstaller CLSID"; flow:from_server,established; content:"CLSID"; nocase; pcre:"/1F1EB85B-0FE9-401D-BC53-10803CF880A7|7965A6FD-B383-4658-A8E0-C78DCF2D0E63|9A60A782-282B-4D69-9B2A-0945D588A125|80E8743E-8AC5-46F1-96A0-59FA30740C51/Ri"; reference:url,www.freedom-to-tinker.com/?p=931; reference:url,www.frsirt.com/english/advisories/2005/2493; reference:url,www.microsoft.com/technet/security/bulletin/ms05-054.mspx; classtype:web-application-attack; sid:2002680; rev:6;) Added 2008-11-25 09:45:22 UTC
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET MALWARE Sony DRM - Uninstaller CLSID"; flow:from_server,established; content:"CLSID"; nocase; pcre:"/1F1EB85B-0FE9-401D-BC53-10803CF880A7|7965A6FD-B383-4658-A8E0-C78DCF2D0E63|9A60A782-282B-4D69-9B2A-0945D588A125|80E8743E-8AC5-46F1-96A0-59FA30740C51/Ri"; reference:url,www.freedom-to-tinker.com/?p=931; reference:url,www.frsirt.com/english/advisories/2005/2493; reference:url,www.microsoft.com/technet/security/bulletin/ms05-054.mspx; classtype:web-application-attack; sid:2002680; rev:5;) Added 2008-01-28 17:24:19 UTC
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET MALWARE Sony DRM - Uninstaller CLSID"; flow:from_server,established; content:"CLSID"; nocase; pcre:"/1F1EB85B-0FE9-401D-BC53-10803CF880A7|7965A6FD-B383-4658-A8E0-C78DCF2D0E63|9A60A782-282B-4D69-9B2A-0945D588A125|80E8743E-8AC5-46F1-96A0-59FA30740C51/Ri"; reference:url,www.freedom-to-tinker.com/?p=931; reference:url,www.frsirt.com/english/advisories/2005/2493; reference:url,www.microsoft.com/technet/security/bulletin/ms05-054.mspx; classtype:web-application-attack; sid:2002680; rev:5;) Added 2008-01-28 17:24:19 UTC
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"BLEEDING-EDGE Malware Sony DRM - Uninstaller CLSID"; flow:from_server,established; content:"CLSID"; nocase; pcre:"/1F1EB85B-0FE9-401D-BC53-10803CF880A7|7965A6FD-B383-4658-A8E0-C78DCF2D0E63|9A60A782-282B-4D69-9B2A-0945D588A125|80E8743E-8AC5-46F1-96A0-59FA30740C51/Ri"; reference:url,www.freedom-to-tinker.com/?p=931; reference:url,www.frsirt.com/english/advisories/2005/2493; reference:url,www.microsoft.com/technet/security/bulletin/ms05-054.mspx; classtype:web-application-attack; sid:2002680; rev:4;)
Edit | Attach | Print version | History: r1 | Backlinks | Raw View | WYSIWYG | More topic actionsTopic revision: r1 - 2009-02-17 - TWikiGuest
Main Web
Create New Topic
Index
Search
Changes
Preferences- User Reference
- ATasteOfTWiki
- TextFormattingRules
- Signature Reference
- WebRss Feed
- EmergingFAQ
 |
|
Copyright © Emerging Threats