# sid 2017747 rev 3, as listed on 2020-11-20: the rule line below starts with '#', so it is
# commented out and will not be loaded unless it is explicitly enabled.
# Apart from the leading '#', the text is the same as the active rev 3 entries further down
# this page. If it is re-enabled, it still needs flowbit et.GENOME.AV to be set on the flow by
# another rule (not shown here); enabling this rule alone produces no alerts.
#alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET TROJAN Trojan-Downloader Win32.Genome.AV server response"; flow:to_client,established; file_data; content:"|5b|Soft"; pcre:"/^\d+?\x5d/R"; content:"SoftTitle="; distance:0; flowbits:isset,et.GENOME.AV; reference:md5,d14314ceb74c8c1a8e1e8ca368d75501; classtype:trojan-activity; sid:2017747; rev:3; metadata:created_at 2013_11_25, updated_at 2013_11_25;)

Added 2020-11-20 19:36:43 UTC


# sid 2017747 rev 3 (active). Alerts on a server-to-client HTTP response body (file_data) that
# contains "[Soft" (|5b| is '['), followed immediately by one or more digits and ']' (the /R
# pcre is anchored at the end of the previous match), and then "SoftTitle=" later in the body.
# flowbits:isset means the rule only fires when et.GENOME.AV is already set on the flow.
# Nothing in this rule sets that bit, so a companion rule (presumably the request-side
# signature, not shown on this page) must be enabled and use the same flowbit name.
# The "alert http ... any" header uses the app-layer protocol keyword with no port
# restriction, so matching does not depend on a port list.
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET TROJAN Trojan-Downloader Win32.Genome.AV server response"; flow:to_client,established; file_data; content:"|5b|Soft"; pcre:"/^\d+?\x5d/R"; content:"SoftTitle="; distance:0; flowbits:isset,et.GENOME.AV; reference:md5,d14314ceb74c8c1a8e1e8ca368d75501; classtype:trojan-activity; sid:2017747; rev:3; metadata:created_at 2013_11_25, updated_at 2013_11_25;)

Added 2018-09-13 19:48:03 UTC


Added 2018-09-13 17:58:12 UTC


# sid 2017747 rev 3 (active), response-side half of a flowbit pair.
# Content logic: "[Soft" + digits + "]" in the HTTP response body, then "SoftTitle=" after it.
# The short content strings are gated by flowbits:isset,et.GENOME.AV, so the alert depends on
# an earlier rule having tagged the same flow; that setter rule is not shown here.
# Triage note: an alert means both halves matched, so review the preceding request on the same
# flow. The reference md5 presumably identifies the sample the signature was written against.
# NOTE(review): metadata updated_at still equals created_at (2013_11_25) although this is rev 3.
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET TROJAN Trojan-Downloader Win32.Genome.AV server response"; flow:to_client,established; file_data; content:"|5b|Soft"; pcre:"/^\d+?\x5d/R"; content:"SoftTitle="; distance:0; flowbits:isset,et.GENOME.AV; reference:md5,d14314ceb74c8c1a8e1e8ca368d75501; classtype:trojan-activity; sid:2017747; rev:3; metadata:created_at 2013_11_25, updated_at 2013_11_25;)

Added 2017-08-07 21:11:41 UTC


# sid 2017747 rev 2. The detection options match rev 3, but the header is
# "alert tcp $EXTERNAL_NET $HTTP_PORTS": only responses whose source port is in $HTTP_PORTS
# are inspected, so a server answering on a port outside that variable is not covered by this
# revision.
# Matches "[Soft" + digits + "]" and a later "SoftTitle=" in the response body (file_data), and
# only fires when flowbit et.GENOME.AV was set earlier on the flow by another rule (not shown).
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET TROJAN Trojan-Downloader Win32.Genome.AV server response"; flow:to_client,established; file_data; content:"|5b|Soft"; pcre:"/^\d+?\x5d/R"; content:"SoftTitle="; distance:0; flowbits:isset,et.GENOME.AV; reference:md5,d14314ceb74c8c1a8e1e8ca368d75501; classtype:trojan-activity; sid:2017747; rev:2;)

Added 2013-12-09 19:23:34 UTC


# sid 2017747 rev 1 (original). It checks flowbit GENOME.AV, without the "et." prefix that the
# later revisions on this page use. Flowbit names must match exactly between the rule that sets
# the bit and this rule that tests it. Pairing this revision with a setter that uses
# et.GENOME.AV (or the reverse) leaves the rule loaded but unable to fire.
# Otherwise the logic is the same: on a to_client flow from $HTTP_PORTS, the response body must
# contain "[Soft" + digits + "]" and then "SoftTitle=".
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET TROJAN Trojan-Downloader Win32.Genome.AV server response"; flow:to_client,established; file_data; content:"|5b|Soft"; pcre:"/^\d+?\x5d/R"; content:"SoftTitle="; distance:0; flowbits:isset,GENOME.AV; reference:md5,d14314ceb74c8c1a8e1e8ca368d75501; classtype:trojan-activity; sid:2017747; rev:1;)

Added 2013-11-25 18:40:14 UTC

