EmergingThreats> Main Web>2003521 (2008-01-08, TWikiGuest) EditAttach

alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"BLEEDING-EDGE TROJAN TROJ_ANICMOO.AX Downloading wincf.exe"; uricontent:"/wincf.exe"; threshold:type limit, track by_src, count 1, seconds 60; classtype:trojan-activity; reference:url,uk.trendmicro-europe.com/enterprise/vinfo/encyclopedia.php?LYstr=VMAINDATA&vNav=3&VName=TROJ_ANICMOO.AX; sid:2003521; rev:1;)

Added 2007-03-30 12:05:58 UTC

Edit | Attach | Print version | History: r1 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r1 - 2008-01-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats