#alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET DELETED Possible Spam/Phish Campaign Feb 25 2016"; flow:established,to_server; content:".pw|0d 0a|"; http_header; nocase; fast_pattern:only; pcre:"/\/[a-z]\/\?[A-Z]{10}$/U"; pcre:"/^Host\x3a\x20[^\r\n]+\.pw\r?$/Hmi"; classtype:trojan-activity; sid:2022570; rev:3; metadata:created_at 2016_02_27, updated_at 2016_02_27;)

Added 2021-09-21 20:00:33 UTC


#alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET DELETED Possible Spam/Phish Campaign Feb 25 2016"; flow:established,to_server; content:".pw|0d 0a|"; http_header; nocase; fast_pattern:only; pcre:"/\/[a-z]\/\?[A-Z]{10}$/U"; pcre:"/^Host\x3a\x20[^\r\n]+\.pw\r?$/Hmi"; classtype:trojan-activity; sid:2022570; rev:3; metadata:created_at 2016_02_26, updated_at 2016_02_26;)

Added 2018-09-13 19:52:20 UTC


Added 2018-09-13 18:00:46 UTC


#alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET DELETED Possible Spam/Phish Campaign Feb 25 2016"; flow:established,to_server; content:".pw|0d 0a|"; http_header; nocase; fast_pattern:only; pcre:"/\/[a-z]\/\?[A-Z]{10}$/U"; pcre:"/^Host\x3a\x20[^\r\n]+\.pw\r?$/Hmi"; classtype:trojan-activity; sid:2022570; rev:3; metadata:created_at 2016_02_26, updated_at 2016_02_26;)

Added 2017-08-07 21:17:30 UTC


#alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET DELETED Possible Spam/Phish Campaign Feb 25 2016"; flow:established,to_server; content:".pw|0d 0a|"; http_header; nocase; fast_pattern:only; pcre:"/\/[a-z]\/\?[A-Z]{10}$/U"; pcre:"/^Host\x3a\x20[^\r\n]+\.pw\r?$/Hmi"; classtype:trojan-activity; sid:2022570; rev:3;)

Added 2016-03-02 17:22:07 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET CURRENT_EVENTS Possible Spam/Phish Campaign Feb 25 2016"; flow:established,to_server; content:".pw|0d 0a|"; http_header; nocase; fast_pattern:only; pcre:"/\/[a-z]\/\?[A-Z]{10}$/U"; pcre:"/^Host\x3a\x20[^\r\n]+\.pw\r?$/Hmi"; classtype:trojan-activity; sid:2022570; rev:2;)

Added 2016-02-26 17:53:37 UTC



This topic: Main > 2022570
Topic revision: r1 - 2021-09-22 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats