alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET CURRENT_EVENTS SUSPICIOUS EXE Download from Google Common Data Storage with no Referer"; flow:established,to_server; content:".exe"; fast_pattern; http_uri; content:"Host|3a 20|commondatastorage.googleapis.com|0d 0a|"; http_header; content:!"Referer|3a|"; http_header; metadata: former_category CURRENT_EVENTS; reference:md5,9fcbc6def809520e77dd7af984f82fd5; reference:md5,71e752dd4c4df15a910c17eadb8b15ba; classtype:trojan-activity; sid:2018556; rev:3; metadata:created_at 2014_06_11, updated_at 2019_10_07;)

Added 2019-10-09 19:08:52 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET CURRENT_EVENTS SUSPICIOUS EXE Download from Google Common Data Storage with no Referer"; flow:established,to_server; content:".exe"; fast_pattern:only; http_uri; content:"Host|3a| commondatastorage.googleapis.com|0d 0a|"; http_header; content:!"Referer|3a|"; http_header; reference:md5,9fcbc6def809520e77dd7af984f82fd5; reference:md5,71e752dd4c4df15a910c17eadb8b15ba; classtype:trojan-activity; sid:2018556; rev:2; metadata:created_at 2014_06_11, updated_at 2019_10_07;)

Added 2019-10-07 19:58:45 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET CURRENT_EVENTS SUSPICIOUS EXE Download from Google Common Data Storage with no Referer"; flow:established,to_server; content:".exe"; fast_pattern:only; http_uri; content:"Host|3a| commondatastorage.googleapis.com|0d 0a|"; http_header; content:!"Referer|3a|"; http_header; reference:md5,9fcbc6def809520e77dd7af984f82fd5; reference:md5,71e752dd4c4df15a910c17eadb8b15ba; classtype:trojan-activity; sid:2018556; rev:2; metadata:created_at 2014_06_11, updated_at 2014_06_11;)

Added 2018-09-13 19:48:50 UTC


Added 2018-09-13 17:58:42 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET CURRENT_EVENTS SUSPICIOUS EXE Download from Google Common Data Storage with no Referer"; flow:established,to_server; content:".exe"; fast_pattern:only; http_uri; content:"Host|3a| commondatastorage.googleapis.com|0d 0a|"; http_header; content:!"Referer|3a|"; http_header; reference:md5,9fcbc6def809520e77dd7af984f82fd5; reference:md5,71e752dd4c4df15a910c17eadb8b15ba; classtype:trojan-activity; sid:2018556; rev:2; metadata:created_at 2014_06_11, updated_at 2014_06_11;)

Added 2017-08-07 21:12:39 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET CURRENT_EVENTS SUSPICIOUS EXE Download from Google Common Data Storage with no Referer"; flow:established,to_server; content:".exe"; fast_pattern:only; http_uri; content:"Host|3a| commondatastorage.googleapis.com|0d 0a|"; http_header; content:!"Referer|3a|"; http_header; reference:md5,9fcbc6def809520e77dd7af984f82fd5; reference:md5,71e752dd4c4df15a910c17eadb8b15ba; classtype:trojan-activity; sid:2018556; rev:2;)

Added 2014-06-12 17:07:17 UTC


Topic revision: r1 - 2019-10-09 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats