alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Cryptolocker Ransom Page"; flow:established,to_server; content:"/buy.php?user_code="; fast_pattern; http_uri; content:"&user_pass="; http_uri; reference:url,barracudalabs.com/2014/12/new-cryptolocker-spear-phishing-campaign-looks-to-be-the-grinch-that-stole-christmas-in-australia/; classtype:trojan-activity; sid:2019978; rev:3; metadata:created_at 2014_12_19, updated_at 2019_10_07;)

Added 2019-10-08 19:34:17 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Cryptolocker Ransom Page"; flow:established,to_server; content:"/buy.php?user_code="; fast_pattern:only; http_uri; content:"&user_pass="; http_uri; reference:url,barracudalabs.com/2014/12/new-cryptolocker-spear-phishing-campaign-looks-to-be-the-grinch-that-stole-christmas-in-australia/; classtype:trojan-activity; sid:2019978; rev:2; metadata:created_at 2014_12_19, updated_at 2014_12_19;)

Added 2018-09-13 19:50:07 UTC


Added 2018-09-13 17:59:28 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Cryptolocker Ransom Page"; flow:established,to_server; content:"/buy.php?user_code="; fast_pattern:only; http_uri; content:"&user_pass="; http_uri; reference:url,barracudalabs.com/2014/12/new-cryptolocker-spear-phishing-campaign-looks-to-be-the-grinch-that-stole-christmas-in-australia/; classtype:trojan-activity; sid:2019978; rev:2; metadata:created_at 2014_12_19, updated_at 2014_12_19;)

Added 2017-08-07 21:14:21 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Cryptolocker Ransom Page"; flow:established,to_server; content:"/buy.php?user_code="; fast_pattern:only; http_uri; content:"&user_pass="; http_uri; reference:url,barracudalabs.com/2014/12/new-cryptolocker-spear-phishing-campaign-looks-to-be-the-grinch-that-stole-christmas-in-australia/; classtype:trojan-activity; sid:2019978; rev:2;)

Added 2014-12-19 18:40:36 UTC


Topic revision: r1 - 2019-10-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats