alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN NetBackdoor? Checkin"; flow:to_server,established; content:"POST"; http_method; content:".php"; http_uri; content:"|0d 0a|log="; http_client_body; fast_pattern; content:"path="; http_client_body; pcre:"/path=[A-Z]\x3a\x5c[A-F0-9]+\r\nlog=/Pi"; reference:md5,a6a9e8b0432ad557245ac8ad2926ed7c; classtype:trojan-activity; sid:2022244; rev:2; metadata:created_at 2015_12_12, former_category MALWARE, updated_at 2020_06_10;)

Added 2021-09-21 20:00:27 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN NetBackdoor? Checkin"; flow:to_server,established; content:"POST"; http_method; content:".php"; http_uri; content:"|0d 0a|log="; http_client_body; fast_pattern; content:"path="; http_client_body; pcre:"/path=[A-Z]\x3a\x5c[A-F0-9]+\r\nlog=/Pi"; reference:md5,a6a9e8b0432ad557245ac8ad2926ed7c; classtype:trojan-activity; sid:2022244; rev:2; metadata:created_at 2015_12_11, former_category MALWARE, updated_at 2020_06_10;)

Added 2020-08-05 19:11:54 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN NetBackdoor? Checkin"; flow:to_server,established; content:"POST"; http_method; content:".php"; http_uri; content:"|0d 0a|log="; http_client_body; fast_pattern; content:"path="; http_client_body; pcre:"/path=[A-Z]\x3a\x5c[A-F0-9]+\r\nlog=/Pi"; metadata: former_category MALWARE; reference:md5,a6a9e8b0432ad557245ac8ad2926ed7c; classtype:trojan-activity; sid:2022244; rev:2; metadata:created_at 2015_12_11, updated_at 2020_06_10;)

Added 2020-06-10 18:27:10 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN NetBackdoor? Checkin"; flow:to_server,established; content:"POST"; http_method; content:".php"; http_uri; content:"|0d 0a|log="; http_client_body; fast_pattern; content:"path="; http_client_body; pcre:"/path=[A-Z]\x3a\x5c[A-F0-9]+\r\nlog=/Pi"; metadata: former_category MALWARE; reference:md5,a6a9e8b0432ad557245ac8ad2926ed7c; classtype:trojan-activity; sid:2022244; rev:2; metadata:created_at 2015_12_11, updated_at 2015_12_11;)

Added 2019-09-26 19:58:05 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN NetBackdoor? Checkin"; flow:to_server,established; content:"POST"; http_method; content:".php"; http_uri; content:"|0d 0a|log="; http_client_body; fast_pattern; content:"path="; http_client_body; pcre:"/path=[A-Z]\x3a\x5c[A-F0-9]+\r\nlog=/Pi"; reference:md5,a6a9e8b0432ad557245ac8ad2926ed7c; classtype:trojan-activity; sid:2022244; rev:2; metadata:created_at 2015_12_11, updated_at 2015_12_11;)

Added 2018-09-13 19:52:04 UTC


Added 2018-09-13 18:00:36 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN NetBackdoor? Checkin"; flow:to_server,established; content:"POST"; http_method; content:".php"; http_uri; content:"|0d 0a|log="; http_client_body; fast_pattern; content:"path="; http_client_body; pcre:"/path=[A-Z]\x3a\x5c[A-F0-9]+\r\nlog=/Pi"; reference:md5,a6a9e8b0432ad557245ac8ad2926ed7c; classtype:trojan-activity; sid:2022244; rev:2; metadata:created_at 2015_12_11, updated_at 2015_12_11;)

Added 2017-08-07 21:17:05 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN NetBackdoor? Checkin"; flow:to_server,established; content:"POST"; http_method; content:".php"; http_uri; content:"|0d 0a|log="; http_client_body; fast_pattern; content:"path="; http_client_body; pcre:"/path=[A-Z]\x3a\x5c[A-F0-9]+\r\nlog=/Pi"; reference:md5,a6a9e8b0432ad557245ac8ad2926ed7c; classtype:trojan-activity; sid:2022244; rev:2;)

Added 2015-12-11 18:32:51 UTC



This topic: Main > 2022244
Topic revision: r1 - 2021-09-22 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats