# sid:2017992 rev:9 - outbound HTTP check-in attributed to a Win32/OutBrowse.G variant.
# On an established client-to-server flow, all of these must hold:
#   - URI contains "/dmresources/instructions" (the fast_pattern) and ".dat"
#   - User-Agent begins with "NSISDL/1.2 (Mozilla)" (depth:20 equals the string length)
#   - the http_protocol buffer ends in "HTTP/1.0" (isdataat:!1,relative = no byte follows)
#   - the http_header_names buffer holds no "Referer"
# Triage: metadata records former_category ADWARE_PUP although msg says MALWARE. NSISDL is the
# user-agent of the NSIS installer download plug-in and can appear in benign installers, so the
# URI match is the stronger signal. This copy carries only the md5 reference.
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Win32/OutBrowse.G Variant Checkin"; flow:to_server,established; content:"/dmresources/instructions"; fast_pattern; http_uri; content:".dat"; http_uri; content:"NSISDL/1.2 (Mozilla)"; depth:20; http_user_agent; http_protocol; content:"HTTP/1.0"; isdataat:!1,relative; http_header_names; content:!"Referer"; reference:md5,d75055c45e2c5293c3e0fbffb299ea6d; classtype:trojan-activity; sid:2017992; rev:9; metadata:created_at 2014_01_20, former_category ADWARE_PUP, updated_at 2020_09_17;)

Added 2021-09-09 17:40:21 UTC


# sid:2017992 rev:9 - outbound HTTP check-in attributed to a Win32/OutBrowse.G variant.
# Matches a request whose URI contains "/dmresources/instructions" and ".dat", whose User-Agent
# begins with "NSISDL/1.2 (Mozilla)", whose protocol buffer ends in "HTTP/1.0", and which sends
# no Referer header name.
# NOTE(review): the reference:url value has a space before "analysis/"; this looks like a lost
# "/" in the page rendering - confirm against the upstream ruleset before reusing the rule text.
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Win32/OutBrowse.G Variant Checkin"; flow:to_server,established; content:"/dmresources/instructions"; fast_pattern; http_uri; content:".dat"; http_uri; content:"NSISDL/1.2 (Mozilla)"; depth:20; http_user_agent; http_protocol; content:"HTTP/1.0"; isdataat:!1,relative; http_header_names; content:!"Referer"; reference:md5,d75055c45e2c5293c3e0fbffb299ea6d; reference:url,www.virustotal.com/en/file/95e0eaaee080f2c167464ed6da7e4b7a27937ac64fd3e1792a1aa84c1aed488e analysis/; classtype:trojan-activity; sid:2017992; rev:9; metadata:created_at 2014_01_20, former_category ADWARE_PUP, updated_at 2020_09_17;)

Added 2020-09-17 18:28:52 UTC


# sid:2017992 rev:9 - same detection options as the other rev:9 listings on this page.
# Here created_at, former_category and updated_at sit in a single metadata keyword, with
# updated_at 2019_09_28. rev stays at 9, so the sid/rev pair does not distinguish this
# listing from the other rev:9 copies; compare the full rule text when reconciling rulesets.
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Win32/OutBrowse.G Variant Checkin"; flow:to_server,established; content:"/dmresources/instructions"; fast_pattern; http_uri; content:".dat"; http_uri; content:"NSISDL/1.2 (Mozilla)"; depth:20; http_user_agent; http_protocol; content:"HTTP/1.0"; isdataat:!1,relative; http_header_names; content:!"Referer"; reference:md5,d75055c45e2c5293c3e0fbffb299ea6d; reference:url,www.virustotal.com/en/file/95e0eaaee080f2c167464ed6da7e4b7a27937ac64fd3e1792a1aa84c1aed488e analysis/; classtype:trojan-activity; sid:2017992; rev:9; metadata:created_at 2014_01_20, former_category ADWARE_PUP, updated_at 2019_09_28;)

Added 2020-08-05 19:09:34 UTC


# sid:2017992 rev:9 - detection options: URI contains "/dmresources/instructions" and ".dat",
# User-Agent begins with "NSISDL/1.2 (Mozilla)", protocol buffer ends in "HTTP/1.0", no Referer
# header name.
# This listing carries two metadata keywords: "former_category ADWARE_PUP" on its own, then
# created_at/updated_at. Tooling that reads rule metadata needs to handle both.
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Win32/OutBrowse.G Variant Checkin"; flow:to_server,established; content:"/dmresources/instructions"; fast_pattern; http_uri; content:".dat"; http_uri; content:"NSISDL/1.2 (Mozilla)"; depth:20; http_user_agent; http_protocol; content:"HTTP/1.0"; isdataat:!1,relative; http_header_names; content:!"Referer"; metadata: former_category ADWARE_PUP; reference:md5,d75055c45e2c5293c3e0fbffb299ea6d; reference:url,www.virustotal.com/en/file/95e0eaaee080f2c167464ed6da7e4b7a27937ac64fd3e1792a1aa84c1aed488e analysis/; classtype:trojan-activity; sid:2017992; rev:9; metadata:created_at 2014_01_20, updated_at 2019_09_28;)

Added 2019-10-01 08:28:07 UTC


# sid:2017992 rev:9 - the rule text is identical to the listing recorded at 08:28:07 UTC the
# same day; only the page's "Added" timestamp differs.
# Detection options: URI contains "/dmresources/instructions" and ".dat", User-Agent begins with
# "NSISDL/1.2 (Mozilla)", protocol buffer ends in "HTTP/1.0", no Referer header name.
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Win32/OutBrowse.G Variant Checkin"; flow:to_server,established; content:"/dmresources/instructions"; fast_pattern; http_uri; content:".dat"; http_uri; content:"NSISDL/1.2 (Mozilla)"; depth:20; http_user_agent; http_protocol; content:"HTTP/1.0"; isdataat:!1,relative; http_header_names; content:!"Referer"; metadata: former_category ADWARE_PUP; reference:md5,d75055c45e2c5293c3e0fbffb299ea6d; reference:url,www.virustotal.com/en/file/95e0eaaee080f2c167464ed6da7e4b7a27937ac64fd3e1792a1aa84c1aed488e analysis/; classtype:trojan-activity; sid:2017992; rev:9; metadata:created_at 2014_01_20, updated_at 2019_09_28;)

Added 2019-10-01 04:22:30 UTC


# sid:2017992 rev:9 - former_category reads ADWARE_PUP in this listing, while msg and classtype
# still say MALWARE / trojan-activity. Alert severity derived from classtype will therefore
# treat an adware/PUP-categorised signature as trojan activity; account for that in triage.
# updated_at still shows 2014_01_20 here.
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Win32/OutBrowse.G Variant Checkin"; flow:to_server,established; content:"/dmresources/instructions"; fast_pattern; http_uri; content:".dat"; http_uri; content:"NSISDL/1.2 (Mozilla)"; depth:20; http_user_agent; http_protocol; content:"HTTP/1.0"; isdataat:!1,relative; http_header_names; content:!"Referer"; metadata: former_category ADWARE_PUP; reference:md5,d75055c45e2c5293c3e0fbffb299ea6d; reference:url,www.virustotal.com/en/file/95e0eaaee080f2c167464ed6da7e4b7a27937ac64fd3e1792a1aa84c1aed488e analysis/; classtype:trojan-activity; sid:2017992; rev:9; metadata:created_at 2014_01_20, updated_at 2014_01_20;)

Added 2019-09-26 19:57:32 UTC


# sid:2017992 rev:9 - first rev:9 listing on this page; it adds a separate
# "metadata: former_category MALWARE" keyword. The detection options are the same as rev:8:
# URI contains "/dmresources/instructions" and ".dat", User-Agent begins with
# "NSISDL/1.2 (Mozilla)", protocol buffer ends in "HTTP/1.0", no Referer header name.
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Win32/OutBrowse.G Variant Checkin"; flow:to_server,established; content:"/dmresources/instructions"; fast_pattern; http_uri; content:".dat"; http_uri; content:"NSISDL/1.2 (Mozilla)"; depth:20; http_user_agent; http_protocol; content:"HTTP/1.0"; isdataat:!1,relative; http_header_names; content:!"Referer"; metadata: former_category MALWARE; reference:md5,d75055c45e2c5293c3e0fbffb299ea6d; reference:url,www.virustotal.com/en/file/95e0eaaee080f2c167464ed6da7e4b7a27937ac64fd3e1792a1aa84c1aed488e analysis/; classtype:trojan-activity; sid:2017992; rev:9; metadata:created_at 2014_01_20, updated_at 2014_01_20;)

Added 2019-08-15 20:33:18 UTC


# sid:2017992 rev:8 - the HTTP-version and Referer checks use the http_protocol and
# http_header_names sticky buffers rather than raw-payload / http_header content matches.
#   - http_protocol; content:"HTTP/1.0"; isdataat:!1,relative  -> the buffer ends in "HTTP/1.0"
#   - http_header_names; content:!"Referer"                    -> no Referer header name present
# Both keywords need an engine that supports them; confirm the sensor version before deploying.
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Win32/OutBrowse.G Variant Checkin"; flow:to_server,established; content:"/dmresources/instructions"; fast_pattern; http_uri; content:".dat"; http_uri; content:"NSISDL/1.2 (Mozilla)"; depth:20; http_user_agent; http_protocol; content:"HTTP/1.0"; isdataat:!1,relative; http_header_names; content:!"Referer"; reference:md5,d75055c45e2c5293c3e0fbffb299ea6d; reference:url,www.virustotal.com/en/file/95e0eaaee080f2c167464ed6da7e4b7a27937ac64fd3e1792a1aa84c1aed488e analysis/; classtype:trojan-activity; sid:2017992; rev:8; metadata:created_at 2014_01_20, updated_at 2014_01_20;)

Added 2018-09-13 19:48:17 UTC


Added 2018-09-13 17:58:21 UTC


# sid:2017992 rev:7 - "alert http ... any" form with created_at/updated_at metadata.
#   - content:"|20|HTTP/1.0|0d 0a|" has no buffer modifier, so it is matched against the raw
#     payload (space, "HTTP/1.0", CRLF) rather than a parsed HTTP field
#   - content:!"Referer|3a|"; http_header -> the header block has no "Referer:"
#   - the User-Agent is checked in the http_user_agent buffer; depth:20 anchors it at the start
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Win32/OutBrowse.G Variant Checkin"; flow:to_server,established; content:"/dmresources/instructions"; fast_pattern; http_uri; content:".dat"; http_uri; content:"|20|HTTP/1.0|0d 0a|"; content:!"Referer|3a|"; http_header; content:"NSISDL/1.2 (Mozilla)"; depth:20; http_user_agent; reference:md5,d75055c45e2c5293c3e0fbffb299ea6d; reference:url,www.virustotal.com/en/file/95e0eaaee080f2c167464ed6da7e4b7a27937ac64fd3e1792a1aa84c1aed488e analysis/; classtype:trojan-activity; sid:2017992; rev:7; metadata:created_at 2014_01_20, updated_at 2014_01_20;)

Added 2017-08-07 21:12:00 UTC


# sid:2017992 rev:7 - listing without a metadata keyword. The header is "alert http" with
# destination port "any", so the match depends on the engine's HTTP protocol detection
# rather than on a port list.
# The User-Agent is matched in http_user_agent (depth:20 = must start with the string); the
# HTTP/1.0 check is a raw-payload content match with no buffer modifier.
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Win32/OutBrowse.G Variant Checkin"; flow:to_server,established; content:"/dmresources/instructions"; fast_pattern; http_uri; content:".dat"; http_uri; content:"|20|HTTP/1.0|0d 0a|"; content:!"Referer|3a|"; http_header; content:"NSISDL/1.2 (Mozilla)"; depth:20; http_user_agent; reference:md5,d75055c45e2c5293c3e0fbffb299ea6d; reference:url,www.virustotal.com/en/file/95e0eaaee080f2c167464ed6da7e4b7a27937ac64fd3e1792a1aa84c1aed488e analysis/; classtype:trojan-activity; sid:2017992; rev:7;)

Added 2014-10-20 18:04:18 UTC


# sid:2017992 rev:4 - "alert tcp" form limited to destination ports in $HTTP_PORTS; a check-in
# to a port outside that variable is not inspected by this revision.
# The URI match is two http_uri contents ("/dmresources/instructions" and ".dat") with no depth,
# so neither is anchored to the start of the URI.
# The User-Agent is matched as a full header line inside http_header, including the trailing CRLF.
alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN Win32/OutBrowse.G Variant Checkin"; flow:to_server,established; content:"/dmresources/instructions"; fast_pattern; http_uri; content:".dat"; http_uri; content:"|20|HTTP/1.0|0d 0a|"; content:!"Referer|3a|"; http_header; content:"User-Agent|3a 20|NSISDL/1.2 (Mozilla)|0d 0a|"; http_header; reference:md5,d75055c45e2c5293c3e0fbffb299ea6d; reference:url,www.virustotal.com/en/file/95e0eaaee080f2c167464ed6da7e4b7a27937ac64fd3e1792a1aa84c1aed488e analysis/; classtype:trojan-activity; sid:2017992; rev:4;)

Added 2014-04-03 17:50:46 UTC


# sid:2017992 rev:3 - the URI is matched as one string, "/dmresources/instructions.dat", with
# depth:29 (the string's length), so the URI must begin with exactly that path. A request that
# puts anything between "instructions" and ".dat", or in front of the path, does not match.
# Limited to destination ports in $HTTP_PORTS; the User-Agent is matched as a full header line.
alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN Win32/OutBrowse.G Variant Checkin"; flow:to_server,established; content:"/dmresources/instructions.dat"; fast_pattern; depth:29; http_uri; content:"|20|HTTP/1.0|0d 0a|"; content:!"Referer|3a|"; http_header; content:"User-Agent|3a 20|NSISDL/1.2 (Mozilla)|0d 0a|"; http_header; reference:md5,d75055c45e2c5293c3e0fbffb299ea6d; reference:url,www.virustotal.com/en/file/95e0eaaee080f2c167464ed6da7e4b7a27937ac64fd3e1792a1aa84c1aed488e analysis/; classtype:trojan-activity; sid:2017992; rev:3;)

Added 2014-03-17 18:18:46 UTC


# sid:2017992 rev:2 - earliest listing on this page (added 2014-01-20).
# fast_pattern:0,20 gives the pattern matcher only the first 20 bytes of the 29-byte URI string;
# the full string is still checked afterwards, and depth:29 anchors it at the start of the URI.
# The other conditions: raw " HTTP/1.0" + CRLF in the payload, no "Referer:" in http_header,
# and the exact "User-Agent: NSISDL/1.2 (Mozilla)" header line. Destination ports: $HTTP_PORTS.
alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN Win32/OutBrowse.G Variant Checkin"; flow:to_server,established; content:"/dmresources/instructions.dat"; fast_pattern:0,20; depth:29; http_uri; content:"|20|HTTP/1.0|0d 0a|"; content:!"Referer|3a|"; http_header; content:"User-Agent|3a 20|NSISDL/1.2 (Mozilla)|0d 0a|"; http_header; reference:md5,d75055c45e2c5293c3e0fbffb299ea6d; reference:url,www.virustotal.com/en/file/95e0eaaee080f2c167464ed6da7e4b7a27937ac64fd3e1792a1aa84c1aed488e analysis/; classtype:trojan-activity; sid:2017992; rev:2;)

Added 2014-01-20 15:25:18 UTC

