alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN ELF/muBoT User-Agent (I'm a mu mu mu ?)"; flow:established,to_server; content:"I|27|m a mu mu mu|20 3f|"; fast_pattern; http_user_agent; depth:16; reference:url,pastebin.com/EH1SH9aL; classtype:trojan-activity; sid:2021917; rev:3; metadata:created_at 2015_10_06, updated_at 2020_06_02;)

Added 2020-06-02 18:09:42 UTC

alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN ELF/muBoT User-Agent (I'm a mu mu mu ?)"; flow:established,to_server; content:"I|27|m a mu mu mu|20 3f|"; fast_pattern; http_user_agent; depth:16; reference:url,pastebin.com/EH1SH9aL; classtype:trojan-activity; sid:2021917; rev:3; metadata:created_at 2015_10_06, updated_at 2019_10_22;)

Added 2019-10-22 19:03:21 UTC

alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN ELF/muBoT User-Agent (I'm a mu mu mu ?)"; flow:established,to_server; content:"User-Agent|3a 20|I|27|m a mu mu mu|20 3f|"; fast_pattern:8,20; http_header; reference:url,pastebin.com/EH1SH9aL; classtype:trojan-activity; sid:2021917; rev:2; metadata:created_at 2015_10_06, updated_at 2015_10_06;)

Added 2018-09-13 19:51:47 UTC

Added 2018-09-13 18:00:26 UTC

alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN ELF/muBoT User-Agent (I'm a mu mu mu ?)"; flow:established,to_server; content:"User-Agent|3a 20|I|27|m a mu mu mu|20 3f|"; fast_pattern:8,20; http_header; reference:url,pastebin.com/EH1SH9aL; classtype:trojan-activity; sid:2021917; rev:2; metadata:created_at 2015_10_06, updated_at 2015_10_06;)

Added 2017-08-07 21:16:41 UTC

alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN ELF/muBoT User-Agent (I'm a mu mu mu ?)"; flow:established,to_server; content:"User-Agent|3a 20|I|27|m a mu mu mu|20 3f|"; fast_pattern:8,20; http_header; reference:url,pastebin.com/EH1SH9aL; classtype:trojan-activity; sid:2021917; rev:2;)

Added 2015-10-06 17:22:51 UTC