# Detects outbound HTTP requests whose URI carries the four parameter names
# &Auth=, &Session=, &DataID= and &FamilyID=, in that order.
#  - $HOME_NET -> $EXTERNAL_NET with flow:to_server,established limits the match
#    to client requests leaving the monitored network on an established session;
#    coverage depends on HOME_NET being set correctly on the sensor.
#  - Each content is tied to the normalized request URI by the http_uri modifier
#    (legacy modifier syntax; newer Suricata releases also offer the http.uri
#    sticky buffer).
#  - distance:0 on the 2nd-4th contents only enforces ordering; no `within` is
#    set, so any number of bytes may sit between the parameters.
#  - No `nocase`: the parameter names are matched case-sensitively.
#  - "&Auth=" begins with a literal '&', so Auth is never the first query
#    parameter in a matching request.
# Triage: the parameter names are generic, so unrelated software using the same
# four names in this order would also alert - confirm a hit against the
# referenced sample (md5) and whitepaper before treating the host as compromised.
# `alert http` only sees traffic parsed as HTTP; requests inside TLS are not
# inspected unless decrypted upstream.
# NOTE(review): msg names Miniduke while the reference URL is the CosmicDuke
# whitepaper - presumably the same family lineage; confirm against the paper.
# This snapshot carries former_category MALWARE and updated_at 2020_05_21; rev
# stays at 3, and the detection options match the older snapshots on this page.
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Miniduke variant C&C activity"; flow:to_server,established; content:"&Auth="; http_uri; content:"&Session="; http_uri; distance:0; content:"&DataID="; http_uri; distance:0; content:"&FamilyID="; http_uri; distance:0; metadata: former_category MALWARE; reference:md5,8bbc55ec1a7e86cb21d3cda5ccb43e1e; reference:url,www.f-secure.com/static/doc/labs_global/Whitepapers/cosmicduke_whitepaper.pdf; classtype:trojan-activity; sid:2023909; rev:3; metadata:created_at 2014_07_03, updated_at 2020_05_21;)

Added 2020-05-21 18:23:04 UTC


# Earlier snapshot of sid 2023909 (rev 3). Matches outbound, established,
# to-server HTTP requests whose normalized URI contains &Auth=, &Session=,
# &DataID= and &FamilyID= in that order (distance:0 = ordering only,
# case-sensitive because no `nocase` is set).
# Differs from the 2020_05_21 snapshot only in metadata: updated_at is still
# 2017_02_16. The detection options are unchanged, so alerts from either
# snapshot are equivalent for triage purposes.
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Miniduke variant C&C activity"; flow:to_server,established; content:"&Auth="; http_uri; content:"&Session="; http_uri; distance:0; content:"&DataID="; http_uri; distance:0; content:"&FamilyID="; http_uri; distance:0; metadata: former_category MALWARE; reference:md5,8bbc55ec1a7e86cb21d3cda5ccb43e1e; reference:url,www.f-secure.com/static/doc/labs_global/Whitepapers/cosmicduke_whitepaper.pdf; classtype:trojan-activity; sid:2023909; rev:3; metadata:created_at 2014_07_03, updated_at 2017_02_16;)

Added 2019-09-26 19:58:18 UTC


# Earlier snapshot of sid 2023909 (rev 3). Matches outbound, established,
# to-server HTTP requests whose normalized URI contains &Auth=, &Session=,
# &DataID= and &FamilyID= in that order (distance:0 = ordering only,
# case-sensitive because no `nocase` is set).
# This snapshot has no former_category metadata entry; only the created_at /
# updated_at metadata is present. Tooling that filters or groups rules by
# former_category will not find that key here.
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Miniduke variant C&C activity"; flow:to_server,established; content:"&Auth="; http_uri; content:"&Session="; http_uri; distance:0; content:"&DataID="; http_uri; distance:0; content:"&FamilyID="; http_uri; distance:0; reference:md5,8bbc55ec1a7e86cb21d3cda5ccb43e1e; reference:url,www.f-secure.com/static/doc/labs_global/Whitepapers/cosmicduke_whitepaper.pdf; classtype:trojan-activity; sid:2023909; rev:3; metadata:created_at 2014_07_03, updated_at 2017_02_16;)

Added 2018-09-13 19:53:27 UTC


Added 2018-09-13 18:01:24 UTC


# Earlier snapshot of sid 2023909 (rev 3). Matches outbound, established,
# to-server HTTP requests whose normalized URI contains &Auth=, &Session=,
# &DataID= and &FamilyID= in that order (distance:0 = ordering only,
# case-sensitive because no `nocase` is set).
# Carries created_at / updated_at metadata but no former_category entry; the
# rule text is the same as the snapshot recorded on 2018-09-13 on this page.
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Miniduke variant C&C activity"; flow:to_server,established; content:"&Auth="; http_uri; content:"&Session="; http_uri; distance:0; content:"&DataID="; http_uri; distance:0; content:"&FamilyID="; http_uri; distance:0; reference:md5,8bbc55ec1a7e86cb21d3cda5ccb43e1e; reference:url,www.f-secure.com/static/doc/labs_global/Whitepapers/cosmicduke_whitepaper.pdf; classtype:trojan-activity; sid:2023909; rev:3; metadata:created_at 2014_07_03, updated_at 2017_02_16;)

Added 2017-08-07 21:19:09 UTC


# Snapshot of sid 2023909 (rev 3) with no metadata keyword at all. Matches
# outbound, established, to-server HTTP requests whose normalized URI contains
# &Auth=, &Session=, &DataID= and &FamilyID= in that order (distance:0 =
# ordering only, case-sensitive because no `nocase` is set).
# The other snapshots on this page add created_at / updated_at (and later
# former_category) metadata without changing rev or the detection options, so
# rev alone does not tell these snapshots apart.
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Miniduke variant C&C activity"; flow:to_server,established; content:"&Auth="; http_uri; content:"&Session="; http_uri; distance:0; content:"&DataID="; http_uri; distance:0; content:"&FamilyID="; http_uri; distance:0; reference:md5,8bbc55ec1a7e86cb21d3cda5ccb43e1e; reference:url,www.f-secure.com/static/doc/labs_global/Whitepapers/cosmicduke_whitepaper.pdf; classtype:trojan-activity; sid:2023909; rev:3;)

Added 2017-02-16 17:05:12 UTC


Topic revision: r1 - 2020-05-21 - TWikiGuest
 