alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Loadmoney Checkin 1"; flow:established,to_server; content:"POST"; http_method; urilen:8; content:"/ppu.php"; http_uri; fast_pattern; content:"xml_req="; depth:8; http_client_body; content:"system"; distance:0; http_client_body; content:"os+version"; distance:0; http_client_body; metadata: former_category ADWARE_PUP; reference:url,www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=PUA:Win32/LoadMoney; classtype:trojan-activity; sid:2024258; rev:5; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, tag Loadmoney, signature_severity Minor, created_at 2015_02_17, malware_family Loadmoney, performance_impact Low, updated_at 2019_10_07;)

Added 2019-10-08 19:34:45 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Loadmoney Checkin 1"; flow:established,to_server; content:"POST"; http_method; urilen:8; content:"/ppu.php"; http_uri; fast_pattern:only; content:"xml_req="; depth:8; http_client_body; content:"system"; distance:0; http_client_body; content:"os+version"; distance:0; http_client_body; metadata: former_category ADWARE_PUP; reference:url,www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=PUA:Win32/LoadMoney; classtype:trojan-activity; sid:2024258; rev:4; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, tag Loadmoney, signature_severity Minor, created_at 2015_02_17, malware_family Loadmoney, performance_impact Low, updated_at 2017_04_27;)

Added 2019-09-26 19:58:22 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Loadmoney Checkin 1"; flow:established,to_server; content:"POST"; http_method; urilen:8; content:"/ppu.php"; http_uri; fast_pattern:only; content:"xml_req="; depth:8; http_client_body; content:"system"; distance:0; http_client_body; content:"os+version"; distance:0; http_client_body; metadata: former_category MALWARE; reference:url,www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=PUA:Win32/LoadMoney; classtype:trojan-activity; sid:2024258; rev:4; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, tag Loadmoney, signature_severity Minor, created_at 2015_02_17, malware_family Loadmoney, performance_impact Low, updated_at 2017_04_27;)

Added 2019-08-15 20:33:38 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Loadmoney Checkin 1"; flow:established,to_server; content:"POST"; http_method; urilen:8; content:"/ppu.php"; http_uri; fast_pattern:only; content:"xml_req="; depth:8; http_client_body; content:"system"; distance:0; http_client_body; content:"os+version"; distance:0; http_client_body; metadata: former_category MALWARE; reference:url,www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=PUA:Win32/LoadMoney; classtype:trojan-activity; sid:2024258; rev:3; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, tag Loadmoney, signature_severity Minor, created_at 2015_02_17, malware_family Loadmoney, performance_impact Low, updated_at 2017_04_27;)

Added 2017-08-07 21:19:35 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Loadmoney Checkin 1"; flow:established,to_server; content:"POST"; http_method; urilen:8; content:"/ppu.php"; http_uri; fast_pattern:only; content:"xml_req="; depth:8; http_client_body; content:"system"; distance:0; http_client_body; content:"os+version"; distance:0; http_client_body; reference:url,www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=PUA:Win32/LoadMoney; classtype:trojan-activity; sid:2024258; rev:3;)

Added 2017-05-05 16:59:08 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Loadmoney Checkin 1"; flow:established,to_server; content:"POST"; http_method; urilen:8; content:"/ppu.php"; http_uri; fast_pattern:only; content:"xml_req="; depth:8; http_client_body; content:"system"; distance:0; http_client_body; content:"os+version"; distance:0; http_client_body; metadata: former_category MALWARE; reference:url,www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=PUA:Win32/LoadMoney; classtype:trojan-activity; sid:2024258; rev:3;)

Added 2017-05-03 17:36:09 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Loadmoney Checkin 1"; flow:established,to_server; content:"POST"; http_method; urilen:8; content:"/ppu.php"; http_uri; fast_pattern:only; content:"xml_req="; depth:8; http_client_body; content:"system"; distance:0; http_client_body; content:"os+version"; distance:0; http_client_body; reference:url,www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=PUA:Win32/LoadMoney; classtype:trojan-activity; sid:2024258; rev:3;)

Added 2017-04-27 17:36:25 UTC


Topic revision: r1 - 2019-10-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats