alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN CenterPOS User Agent Observed"; flow:established,to_server; flowbits:set,ET.centerpos; content:"IDOSJNDX"; fast_pattern; depth:8; http_user_agent; isdataat:!1,relative; reference:md5,0e278436fb49f9ab0d1a3da792cfb0c3; reference:url,www.fireeye.com/blog/threat-research/2016/01/centerpos_an_evolvi.html; classtype:trojan-activity; sid:2022468; rev:3; metadata:created_at 2016_01_28, updated_at 2019_10_23;)

Added 2019-10-23 19:39:27 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN CenterPOS User Agent Observed"; flow:established,to_server; content:"User-Agent|3a 20|IDOSJNDX|0d 0a|"; fast_pattern; flowbits:set,ET.centerpos; reference:md5,0e278436fb49f9ab0d1a3da792cfb0c3; reference:url,www.fireeye.com/blog/threat-research/2016/01/centerpos_an_evolvi.html; classtype:trojan-activity; sid:2022468; rev:2; metadata:created_at 2016_01_28, updated_at 2016_01_28;)

Added 2018-09-13 19:52:16 UTC


Added 2018-09-13 18:00:43 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN CenterPOS User Agent Observed"; flow:established,to_server; content:"User-Agent|3a 20|IDOSJNDX|0d 0a|"; fast_pattern; flowbits:set,ET.centerpos; reference:md5,0e278436fb49f9ab0d1a3da792cfb0c3; reference:url,www.fireeye.com/blog/threat-research/2016/01/centerpos_an_evolvi.html; classtype:trojan-activity; sid:2022468; rev:2; metadata:created_at 2016_01_28, updated_at 2016_01_28;)

Added 2017-08-07 21:17:22 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN CenterPOS User Agent Observed"; flow:established,to_server; content:"User-Agent|3a 20|IDOSJNDX|0d 0a|"; fast_pattern; flowbits:set,ET.centerpos; reference:md5,0e278436fb49f9ab0d1a3da792cfb0c3; reference:url,www.fireeye.com/blog/threat-research/2016/01/centerpos_an_evolvi.html; classtype:trojan-activity; sid:2022468; rev:2;)

Added 2016-01-28 18:57:42 UTC


Topic revision: r1 - 2019-10-23 - TWikiGuest
 
Copyright © Emerging Threats