alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET CURRENT_EVENTS DRIVEBY Possible Goon/Infinity/Magnitude EK SilverLight? Exploit"; flow:established,to_server; content:".xap"; nocase; fast_pattern; http_uri; pcre:"/\/\d{2,}\.xap$/Ui"; metadata: former_category EXPLOIT_KIT; classtype:trojan-activity; sid:2018402; rev:4; metadata:affected_product Any, attack_target Client_Endpoint, deployment Perimeter, tag DriveBy?, signature_severity Major, created_at 2014_04_21, updated_at 2019_10_07;)

Added 2019-10-08 19:34:11 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET CURRENT_EVENTS DRIVEBY Possible Goon/Infinity/Magnitude EK SilverLight? Exploit"; flow:established,to_server; content:".xap"; nocase; fast_pattern:only; http_uri; pcre:"/\/\d{2,}\.xap$/Ui"; metadata: former_category EXPLOIT_KIT; classtype:trojan-activity; sid:2018402; rev:3; metadata:affected_product Any, attack_target Client_Endpoint, deployment Perimeter, tag DriveBy?, signature_severity Major, created_at 2014_04_21, updated_at 2016_07_01;)

Added 2019-09-26 19:57:37 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET CURRENT_EVENTS DRIVEBY Possible Goon/Infinity/Magnitude EK SilverLight? Exploit"; flow:established,to_server; content:".xap"; nocase; fast_pattern:only; http_uri; pcre:"/\/\d{2,}\.xap$/Ui"; classtype:trojan-activity; sid:2018402; rev:3; metadata:affected_product Any, attack_target Client_Endpoint, deployment Perimeter, tag DriveBy?, signature_severity Major, created_at 2014_04_21, updated_at 2016_07_01;)

Added 2017-08-07 21:12:28 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET CURRENT_EVENTS DRIVEBY Possible Goon/Infinity/Magnitude EK SilverLight? Exploit"; flow:established,to_server; content:".xap"; nocase; fast_pattern:only; http_uri; pcre:"/\/\d{2,}\.xap$/Ui"; classtype:trojan-activity; sid:2018402; rev:3;)

Added 2015-07-28 18:51:06 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET CURRENT_EVENTS DRIVEBY Possible Goon/Infinity EK SilverLight? Exploit"; flow:established,to_server; content:".xap"; nocase; fast_pattern:only; http_uri; pcre:"/\/\d{2,}\.xap$/Ui"; classtype:trojan-activity; sid:2018402; rev:1;)

Added 2014-04-21 19:36:52 UTC


Topic revision: r1 - 2019-10-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats