#alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET DELETED CoolEK? landing applet plus class Feb 12 2013"; flow:established,to_client; file_data; content:"<applet"; content:"SunJCE"; within:200; flowbits:set,et.exploitkitlanding; classtype:trojan-activity; sid:2016406; rev:3; metadata:created_at 2013_02_13, former_category EXPLOIT_KIT, updated_at 2021_06_23;)

Added 2021-09-21 19:58:29 UTC


#alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET DELETED CoolEK? landing applet plus class Feb 12 2013"; flow:established,to_client; file_data; content:"<applet"; content:"SunJCE"; within:200; flowbits:set,et.exploitkitlanding; classtype:trojan-activity; sid:2016406; rev:3; metadata:created_at 2013_02_12, former_category EXPLOIT_KIT, updated_at 2021_06_23;)

Added 2021-06-23 19:31:50 UTC


#alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET DELETED CoolEK? landing applet plus class Feb 12 2013"; flow:established,to_client; file_data; content:"<applet"; content:"SunJCE"; within:200; flowbits:set,et.exploitkitlanding; classtype:trojan-activity; sid:2016406; rev:3; metadata:created_at 2013_02_12, former_category EXPLOIT_KIT, updated_at 2013_02_12;)

Added 2020-08-05 19:08:50 UTC


#alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET DELETED CoolEK? landing applet plus class Feb 12 2013"; flow:established,to_client; file_data; content:"<applet"; content:"SunJCE"; within:200; flowbits:set,et.exploitkitlanding; metadata: former_category EXPLOIT_KIT; classtype:trojan-activity; sid:2016406; rev:3; metadata:created_at 2013_02_12, updated_at 2013_02_12;)

Added 2019-09-26 19:57:19 UTC


#alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET DELETED CoolEK? landing applet plus class Feb 12 2013"; flow:established,to_client; file_data; content:"<applet"; content:"SunJCE"; within:200; flowbits:set,et.exploitkitlanding; classtype:trojan-activity; sid:2016406; rev:3; metadata:created_at 2013_02_12, updated_at 2013_02_12;)

Added 2018-09-13 19:46:22 UTC


Added 2018-09-13 17:57:19 UTC


#alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET DELETED CoolEK? landing applet plus class Feb 12 2013"; flow:established,to_client; file_data; content:"<applet"; content:"SunJCE"; within:200; flowbits:set,et.exploitkitlanding; classtype:trojan-activity; sid:2016406; rev:3; metadata:created_at 2013_02_12, updated_at 2013_02_12;)

Added 2017-08-07 21:10:07 UTC


##alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET DELETED CoolEK? landing applet plus class Feb 12 2013"; flow:established,to_client; file_data; content:"<applet"; content:"SunJCE"; within:200; flowbits:set,et.exploitkitlanding; classtype:trojan-activity; sid:2016406; rev:3;)

Added 2015-01-26 20:32:39 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS CoolEK? landing applet plus class Feb 12 2013"; flow:established,to_client; file_data; content:"<applet"; content:"SunJCE"; within:200; flowbits:set,et.exploitkitlanding; classtype:trojan-activity; sid:2016406; rev:1;)

Added 2013-02-12 18:34:24 UTC



This topic: Main > 2016406
Topic revision: r1 - 2021-09-21 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats