alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Win32/Infostealer.Snifula File Upload"; flow:established,to_server; content:"POST"; http_method; content:".cgi"; http_uri; content:"name|3d 22|upload_file|22 3b 20|filename|3d 22|"; fast_pattern:6,20; http_client_body; content:!"Referer|3a 20|"; http_header; content:"User-Agent|3a 20|IE|0d 0a|Host"; http_header; reference:md5,be16b8d1b85843c89301f189b35c4963; classtype:trojan-activity; sid:2023337; rev:2; metadata:created_at 2016_10_14, updated_at 2020_07_31;)

Added 2020-07-31 19:50:12 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Win32/Infostealer.Snifula File Upload"; flow:established,to_server; content:"POST"; http_method; content:".cgi"; http_uri; content:"name|3d 22|upload_file|22 3b 20|filename|3d 22|"; fast_pattern:6,20; http_client_body; content:!"Referer|3a 20|"; http_header; content:"User-Agent|3a 20|IE|0d 0a|Host"; http_header; reference:md5,be16b8d1b85843c89301f189b35c4963; classtype:trojan-activity; sid:2023337; rev:2; metadata:created_at 2016_10_14, updated_at 2016_10_14;)

Added 2018-09-13 19:53:00 UTC


Added 2018-09-13 18:01:10 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Win32/Infostealer.Snifula File Upload"; flow:established,to_server; content:"POST"; http_method; content:".cgi"; http_uri; content:"name|3d 22|upload_file|22 3b 20|filename|3d 22|"; fast_pattern:6,20; http_client_body; content:!"Referer|3a 20|"; http_header; content:"User-Agent|3a 20|IE|0d 0a|Host"; http_header; reference:md5,be16b8d1b85843c89301f189b35c4963; classtype:trojan-activity; sid:2023337; rev:2; metadata:created_at 2016_10_14, updated_at 2016_10_14;)

Added 2017-08-07 21:18:27 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Win32/Infostealer.Snifula File Upload"; flow:established,to_server; content:"POST"; http_method; content:".cgi"; http_uri; content:"name|3d 22|upload_file|22 3b 20|filename|3d 22|"; fast_pattern:6,20; http_client_body; content:!"Referer|3a 20|"; http_header; content:"User-Agent|3a 20|IE|0d 0a|Host"; http_header; reference:md5,be16b8d1b85843c89301f189b35c4963; classtype:trojan-activity; sid:2023337; rev:2;)

Added 2016-10-18 11:42:28 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Win32/Infostealer.Snifula File Upload"; flow:established,to_server; content:"POST"; http_method; content:".cgi"; http_uri; content:"name|3d 22|upload_file|22 3b 20|filename|3d 22|"; fast_pattern:6,20; http_client_body; content:!"Referer|3a 20|"; http_header; content:"User-Agent|3a 20|IE|0d 0a|Host"; http_header; reference:md5,be16b8d1b85843c89301f189b35c4963; classtype:trojan-activity; sid:2023337; rev:2;)

Added 2016-10-18 11:42:26 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Win32/Infostealer.Snifula File Upload"; flow:established,to_server; content:"POST"; http_method; content:".cgi"; http_uri; content:"name|3d 22|upload_file|22 3b 20|filename|3d 22|"; fast_pattern:6,20; http_client_body; content:!"Referer|3a 20|"; http_header; content:"User-Agent|3a 20|IE|0d 0a|Host"; http_header; reference:md5,be16b8d1b85843c89301f189b35c4963; classtype:trojan-activity; sid:2023337; rev:2;)

Added 2016-10-18 11:39:22 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Win32/Infostealer.Snifula File Upload"; flow:established,to_server; content:"POST"; http_method; content:".cgi"; http_uri; content:"name|3d 22|upload_file|22 3b 20|filename|3d 22|"; fast_pattern:6,20; http_client_body; content:!"Referer|3a 20|"; http_header; content:"User-Agent|3a 20|IE|0d 0a|Host"; http_header; reference:md5,be16b8d1b85843c89301f189b35c4963; classtype:trojan-activity; sid:2023337; rev:2;)

Added 2016-10-18 11:39:20 UTC


Topic revision: r1 - 2020-07-31 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats