alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Possible APT30 Fake Mozilla UA"; flow:established,to_server; content:"Moziea/"; http_user_agent; depth:7; metadata: former_category MALWARE; reference:url,www2.fireeye.com/rs/fireye/images/rpt-apt30.pdf; classtype:trojan-activity; sid:2020901; rev:3; metadata:created_at 2015_04_13, updated_at 2019_10_11;)

Added 2019-10-11 19:56:38 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Possible APT30 Fake Mozilla UA"; flow:established,to_server; content:"User-Agent|3a| Moziea/"; http_header; metadata: former_category MALWARE; reference:url,www2.fireeye.com/rs/fireye/images/rpt-apt30.pdf; classtype:trojan-activity; sid:2020901; rev:2; metadata:created_at 2015_04_13, updated_at 2015_04_13;)

Added 2019-09-26 19:57:58 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Possible APT30 Fake Mozilla UA"; flow:established,to_server; content:"User-Agent|3a| Moziea/"; http_header; reference:url,www2.fireeye.com/rs/fireye/images/rpt-apt30.pdf; classtype:trojan-activity; sid:2020901; rev:2; metadata:created_at 2015_04_13, updated_at 2015_04_13;)

Added 2018-09-13 19:51:00 UTC


Added 2018-09-13 17:59:56 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Possible APT30 Fake Mozilla UA"; flow:established,to_server; content:"User-Agent|3a| Moziea/"; http_header; reference:url,www2.fireeye.com/rs/fireye/images/rpt-apt30.pdf; classtype:trojan-activity; sid:2020901; rev:2; metadata:created_at 2015_04_13, updated_at 2015_04_13;)

Added 2017-08-07 21:15:30 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Possible APT30 Fake Mozilla UA"; flow:established,to_server; content:"User-Agent|3a| Moziea/"; http_header; reference:url,www2.fireeye.com/rs/fireye/images/rpt-apt30.pdf; classtype:trojan-activity; sid:2020901; rev:2;)

Added 2015-04-13 22:01:12 UTC


Topic revision: r1 - 2019-10-11 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats