#alert tcp $HOME_NET any -> $EXTERNAL_NET 443 (msg:"ET TROJAN Downloader.Win32.Tesch.A Bot Command Checkin 1"; flow:established,to_server; dsize:51; content:"|03 00 30 01 01 00|"; fast_pattern; depth:6; flowbits:set,ET.Tesch; reference:md5,86b5491831522f3c7bdcdacb17417514; reference:md5,2bebb36872b4829f553326e102d014ed; classtype:trojan-activity; sid:2018478; rev:2; metadata:created_at 2014_05_15, former_category MALWARE, updated_at 2020_08_19;)

Added 2020-12-15 18:45:11 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 443 (msg:"ET TROJAN Downloader.Win32.Tesch.A Bot Command Checkin 1"; flow:established,to_server; dsize:51; content:"|03 00 30 01 01 00|"; fast_pattern; depth:6; flowbits:set,ET.Tesch; reference:md5,86b5491831522f3c7bdcdacb17417514; reference:md5,2bebb36872b4829f553326e102d014ed; classtype:trojan-activity; sid:2018478; rev:2; metadata:created_at 2014_05_15, former_category MALWARE, updated_at 2020_08_19;)

Added 2020-08-19 18:14:23 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 443 (msg:"ET TROJAN Downloader.Win32.Tesch.A Bot Command Checkin 1"; flow:established,to_server; dsize:51; content:"|03 00 30 01 01 00|"; fast_pattern; depth:6; flowbits:set,ET.Tesch; reference:md5,86b5491831522f3c7bdcdacb17417514; reference:md5,2bebb36872b4829f553326e102d014ed; classtype:trojan-activity; sid:2018478; rev:2; metadata:created_at 2014_05_15, former_category MALWARE, updated_at 2014_05_15;)

Added 2020-08-05 19:09:49 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 443 (msg:"ET TROJAN Downloader.Win32.Tesch.A Bot Command Checkin 1"; flow:established,to_server; dsize:51; content:"|03 00 30 01 01 00|"; fast_pattern; depth:6; flowbits:set,ET.Tesch; metadata: former_category MALWARE; reference:md5,86b5491831522f3c7bdcdacb17417514; reference:md5,2bebb36872b4829f553326e102d014ed; classtype:trojan-activity; sid:2018478; rev:2; metadata:created_at 2014_05_15, updated_at 2014_05_15;)

Added 2019-09-26 19:57:37 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 443 (msg:"ET TROJAN Downloader.Win32.Tesch.A Bot Command Checkin 1"; flow:established,to_server; dsize:51; content:"|03 00 30 01 01 00|"; fast_pattern; depth:6; flowbits:set,ET.Tesch; reference:md5,86b5491831522f3c7bdcdacb17417514; reference:md5,2bebb36872b4829f553326e102d014ed; classtype:trojan-activity; sid:2018478; rev:2; metadata:created_at 2014_05_15, updated_at 2014_05_15;)

Added 2018-09-13 19:48:46 UTC


Added 2018-09-13 17:58:40 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 443 (msg:"ET TROJAN Downloader.Win32.Tesch.A Bot Command Checkin 1"; flow:established,to_server; dsize:51; content:"|03 00 30 01 01 00|"; fast_pattern; depth:6; flowbits:set,ET.Tesch; reference:md5,86b5491831522f3c7bdcdacb17417514; reference:md5,2bebb36872b4829f553326e102d014ed; classtype:trojan-activity; sid:2018478; rev:2; metadata:created_at 2014_05_15, updated_at 2014_05_15;)

Added 2017-08-07 21:12:33 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 443 (msg:"ET TROJAN Downloader.Win32.Tesch.A Bot Command Checkin 1"; flow:established,to_server; dsize:51; content:"|03 00 30 01 01 00|"; fast_pattern; depth:6; flowbits:set,ET.Tesch; reference:md5,86b5491831522f3c7bdcdacb17417514; reference:md5,2bebb36872b4829f553326e102d014ed; classtype:trojan-activity; sid:2018478; rev:2;)

Added 2014-07-02 17:05:36 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 443 (msg:"ET TROJAN Downloader.Win32.Tesch.A Client File Download Command"; flow:established,to_server; content:"|03 00 30 01 01 00|"; fast_pattern; depth:6; content:"|00|"; distance:4; within:1; pcre:"/^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}/R"; reference:md5,86b5491831522f3c7bdcdacb17417514; reference:md5,2bebb36872b4829f553326e102d014ed; classtype:trojan-activity; sid:2018478; rev:1;)

Added 2014-05-15 17:39:53 UTC


Topic revision: r1 - 2020-12-15 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats