#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET TROJAN x0Proto File Contents Exfil Request"; flow:established,from_server; dsize:9; content:"DLOAD|0c|1|0c|1"; depth:9; reference:md5,3d5a4b51ff4ad8534873e02720aeff34; classtype:trojan-activity; sid:2024423; rev:1; metadata:created_at 2017_06_23, updated_at 2017_06_23;)

Added 2020-12-02 19:00:28 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET TROJAN x0Proto File Contents Exfil Request"; flow:established,from_server; dsize:9; content:"DLOAD|0c|1|0c|1"; depth:9; reference:md5,3d5a4b51ff4ad8534873e02720aeff34; classtype:trojan-activity; sid:2024423; rev:1; metadata:created_at 2017_06_23, updated_at 2017_06_23;)

Added 2018-09-13 19:53:51 UTC


Added 2018-09-13 18:01:38 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET TROJAN x0Proto File Contents Exfil Request"; flow:established,from_server; dsize:9; content:"DLOAD|0c|1|0c|1"; depth:9; reference:md5,3d5a4b51ff4ad8534873e02720aeff34; classtype:trojan-activity; sid:2024423; rev:1; metadata:created_at 2017_06_23, updated_at 2017_06_23;)

Added 2017-08-07 21:19:47 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET TROJAN x0Proto File Contents Exfil Request"; flow:established,from_server; dsize:9; content:"DLOAD|0c|1|0c|1"; depth:9; reference:md5,3d5a4b51ff4ad8534873e02720aeff34; classtype:trojan-activity; sid:2024423; rev:1;)

Added 2017-06-23 17:07:38 UTC


Topic revision: r1 - 2020-12-03 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats