alert dns $HOME_NET any -> any any (msg:"ET TROJAN RouteX? CnC? Domain (2fa3c2fa16c47d9b9bff8986a42b048f .com) in DNS Lookup"; dns_query; content:"2fa3c2fa16c47d9b9bff8986a42b048f.com"; fast_pattern; nocase; depth:36; isdataat:!1,relative; reference:url,forkbomb.us/press-releases/2017/09/08/routex-press-release.html; classtype:trojan-activity; sid:2024964; rev:3; metadata:affected_product Linux, attack_target Networking_Equipment, created_at 2017_11_06, deployment Internal, former_category MALWARE, performance_impact Moderate, signature_severity Major, updated_at 2022_07_22;)

Added 2022-07-22 16:31:40 UTC


alert dns $HOME_NET any -> any 53 (msg:"ET TROJAN RouteX? CnC? Domain (2fa3c2fa16c47d9b9bff8986a42b048f .com in DNS Lookup)"; dns_query; content:"2fa3c2fa16c47d9b9bff8986a42b048f.com"; isdataat:!1,relative; reference:url,forkbomb.us/press-releases/2017/09/08/routex-press-release.html; classtype:trojan-activity; sid:2024964; rev:2; metadata:affected_product Linux, attack_target Networking_Equipment, created_at 2017_11_06, deployment Internal, former_category MALWARE, performance_impact Moderate, signature_severity Major, updated_at 2020_09_14;)

Added 2020-09-14 20:01:41 UTC


alert dns $HOME_NET any -> any 53 (msg:"ET TROJAN RouteX? CnC? Domain (2fa3c2fa16c47d9b9bff8986a42b048f .com in DNS Lookup)"; dns_query; content:"2fa3c2fa16c47d9b9bff8986a42b048f.com"; isdataat:!1,relative; reference:url,forkbomb.us/press-releases/2017/09/08/routex-press-release.html; classtype:trojan-activity; sid:2024964; rev:2; metadata:affected_product Linux, attack_target Networking_Equipment, created_at 2017_11_06, deployment Internal, former_category MALWARE, performance_impact Moderate, signature_severity Major, updated_at 2019_09_28;)

Added 2020-08-05 19:14:07 UTC


alert dns $HOME_NET any -> any 53 (msg:"ET TROJAN RouteX? CnC? Domain (2fa3c2fa16c47d9b9bff8986a42b048f .com in DNS Lookup)"; dns_query; content:"2fa3c2fa16c47d9b9bff8986a42b048f.com"; isdataat:!1,relative; metadata: former_category MALWARE; reference:url,forkbomb.us/press-releases/2017/09/08/routex-press-release.html; classtype:trojan-activity; sid:2024964; rev:2; metadata:affected_product Linux, attack_target Networking_Equipment, deployment Internal, signature_severity Major, created_at 2017_11_06, performance_impact Moderate, updated_at 2019_09_28;)

Added 2019-10-01 08:28:54 UTC


alert dns $HOME_NET any -> any 53 (msg:"ET TROJAN RouteX? CnC? Domain (2fa3c2fa16c47d9b9bff8986a42b048f .com in DNS Lookup)"; dns_query; content:"2fa3c2fa16c47d9b9bff8986a42b048f.com"; isdataat:!1,relative; metadata: former_category MALWARE; reference:url,forkbomb.us/press-releases/2017/09/08/routex-press-release.html; classtype:trojan-activity; sid:2024964; rev:2; metadata:affected_product Linux, attack_target Networking_Equipment, deployment Internal, signature_severity Major, created_at 2017_11_06, performance_impact Moderate, updated_at 2019_09_28;)

Added 2019-10-01 04:23:19 UTC


alert dns $HOME_NET any -> any 53 (msg:"ET TROJAN RouteX? CnC? Domain (2fa3c2fa16c47d9b9bff8986a42b048f .com in DNS Lookup)"; dns_query; content:"2fa3c2fa16c47d9b9bff8986a42b048f.com"; isdataat:!1,relative; metadata: former_category MALWARE; reference:url,forkbomb.us/press-releases/2017/09/08/routex-press-release.html; classtype:trojan-activity; sid:2024964; rev:2; metadata:affected_product Linux, attack_target Networking_Equipment, deployment Internal, signature_severity Major, created_at 2017_11_06, performance_impact Moderate, updated_at 2017_11_06;)

Added 2019-09-19 19:26:51 UTC


alert dns $HOME_NET any -> any 53 (msg:"ET TROJAN RouteX? CnC? Domain (2fa3c2fa16c47d9b9bff8986a42b048f .com in DNS Lookup)"; dns_query; content:"2fa3c2fa16c47d9b9bff8986a42b048f.com"; isdataat:!1,relative; metadata: former_category TROJAN; reference:url,forkbomb.us/press-releases/2017/09/08/routex-press-release.html; classtype:trojan-activity; sid:2024964; rev:2; metadata:affected_product Linux, attack_target Networking_Equipment, deployment Internal, signature_severity Major, created_at 2017_11_06, performance_impact Moderate, updated_at 2017_11_06;)

Added 2018-09-13 19:54:19 UTC


Added 2018-09-13 18:01:55 UTC


alert dns $HOME_NET any -> any 53 (msg:"ET TROJAN RouteX? CnC? Domain (2fa3c2fa16c47d9b9bff8986a42b048f .com in DNS Lookup)"; dns_query; content:"2fa3c2fa16c47d9b9bff8986a42b048f.com"; isdataat:!1,relative; metadata: former_category TROJAN; reference:url,forkbomb.us/press-releases/2017/09/08/routex-press-release.html; classtype:trojan-activity; sid:2024964; rev:2; metadata:affected_product Linux, attack_target Networking_Equipment, deployment Internal, signature_severity Major, created_at 2017_11_06, performance_impact Moderate, updated_at 2017_11_06;)

Added 2017-11-06 16:30:32 UTC


alert dns $HOME_NET any -> any 53 (msg:"ET TROJAN RouteX? CnC? Domain (2fa3c2fa16c47d9b9bff8986a42b048f .com in DNS Lookup)"; dns_query; content:"2fa3c2fa16c47d9b9bff8986a42b048f.com"; isdataat:!1,relative; metadata: former_category TROJAN; reference:url,forkbomb.us/press-releases/2017/09/08/routex-press-release.html; classtype:trojan-activity; sid:2024964; rev:2; metadata:affected_product Linux, attack_target Networking_Equipment, deployment Internal, signature_severity Major, created_at 2017_11_06, performance_impact Moderate, updated_at 2017_11_06;)

Added 2017-11-06 16:22:28 UTC


Topic revision: r1 - 2022-07-22 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats