EmergingThreats> Main Web>2008212 (revision 1)EditAttach

alert tcp $HOME_NET any -> $EXTERNAL_NET 25 (msg:"ET TROJAN Optix Pro Trojan/Keylogger Reporting Installation via Email"; flow:established,to_server; content:"|0d 0a|X-Priority\: 3|0d 0a|X-Library\: Indy "; content:"|0d 0a 0d 0a|Optix Pro v"; distance:4; within:25; classtype:trojan-activity; sid:2008212; rev:1;)

Added 2008-05-13 09:29:26 UTC


Edit | Attach | Print version | History: r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions...
Topic revision: r1 - 2008-05-13 - MattJonkman
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats