alert smtp any any -> $SMTP_SERVERS any (msg:"ET INFO SUSPICIOUS SMTP EXE - EXE SMTP Attachment"; flow:established; content:"|0D 0A 0D 0A|TV"; content:"AAAAAAAAAAAAAAAA"; within:200; classtype:bad-unknown; sid:2017886; rev:3; metadata:created_at 2013_12_19, updated_at 2019_03_27;)

Added 2019-03-27 17:41:22 UTC


alert smtp $EXTERNAL_NET any -> $SMTP_SERVERS any (msg:"ET INFO SUSPICIOUS SMTP EXE - EXE SMTP Attachment"; flow:established; content:"|0D 0A 0D 0A|TV"; content:"AAAAAAAAAAAAAAAA"; within:200; classtype:bad-unknown; sid:2017886; rev:2; metadata:created_at 2013_12_19, updated_at 2013_12_19;)

Added 2018-09-13 19:48:13 UTC


Added 2018-09-13 17:58:18 UTC


alert smtp $EXTERNAL_NET any -> $SMTP_SERVERS any (msg:"ET INFO SUSPICIOUS SMTP EXE - EXE SMTP Attachment"; flow:established; content:"|0D 0A 0D 0A|TV"; content:"AAAAAAAAAAAAAAAA"; within:200; classtype:bad-unknown; sid:2017886; rev:2; metadata:created_at 2013_12_19, updated_at 2013_12_19;)

Added 2017-08-07 21:11:52 UTC


alert tcp $EXTERNAL_NET any -> $SMTP_SERVERS [25,587] (msg:"ET INFO SUSPICIOUS SMTP EXE - EXE SMTP Attachment"; flow:established; content:"|0D 0A 0D 0A|TV"; content:"AAAAAAAAAAAAAAAA"; within:200; classtype:bad-unknown; sid:2017886; rev:1;)

Added 2013-12-19 18:11:48 UTC


Topic revision: r1 - 2019-03-27 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats