alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Dadong Exploit Kit Downloaded"; flow:established,from_server; flowbits:set,et.exploitkitlanding; content:"indexOf(|22|dadong=|22|)=="; fast_pattern; reference:url,www.kahusecurity.com/2012/chinese-pack-using-dadongs-jsxx-vip-script/; classtype:trojan-activity; sid:2025037; rev:3; metadata:created_at 2012_03_01, former_category EXPLOIT_KIT, updated_at 2019_10_08;)

Added 2021-09-21 20:00:40 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Dadong Exploit Kit Downloaded"; flow:established,from_server; flowbits:set,et.exploitkitlanding; content:"indexOf(|22|dadong=|22|)=="; fast_pattern; reference:url,www.kahusecurity.com/2012/chinese-pack-using-dadongs-jsxx-vip-script/; classtype:trojan-activity; sid:2025037; rev:3; metadata:created_at 2012_03_01, former_category EXPLOIT_KIT, updated_at 2019_10_07;)

Added 2020-08-05 19:14:11 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Dadong Exploit Kit Downloaded"; flow:established,from_server; flowbits:set,et.exploitkitlanding; content:"indexOf(|22|dadong=|22|)=="; fast_pattern:only; metadata: former_category EXPLOIT_KIT; reference:url,www.kahusecurity.com/2012/chinese-pack-using-dadongs-jsxx-vip-script/; classtype:trojan-activity; sid:2025037; rev:2; metadata:created_at 2012_03_01, updated_at 2019_10_07;)

Added 2019-10-07 19:58:53 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Dadong Exploit Kit Downloaded"; flow:established,from_server; flowbits:set,et.exploitkitlanding; content:"indexOf(|22|dadong=|22|)=="; fast_pattern:only; metadata: former_category EXPLOIT_KIT; reference:url,www.kahusecurity.com/2012/chinese-pack-using-dadongs-jsxx-vip-script/; classtype:trojan-activity; sid:2025037; rev:2; metadata:created_at 2012_03_01, updated_at 2017_11_27;)

Added 2019-09-26 19:58:25 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Dadong Exploit Kit Downloaded"; flow:established,from_server; flowbits:set,et.exploitkitlanding; content:"indexOf(|22|dadong=|22|)=="; fast_pattern:only; metadata: former_category CURRENT_EVENTS; reference:url,www.kahusecurity.com/2012/chinese-pack-using-dadongs-jsxx-vip-script/; classtype:trojan-activity; sid:2025037; rev:2; metadata:created_at 2012_03_01, updated_at 2017_11_27;)

Added 2018-09-13 19:54:21 UTC


Added 2018-09-13 18:01:56 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Dadong Exploit Kit Downloaded"; flow:established,from_server; flowbits:set,et.exploitkitlanding; content:"indexOf(|22|dadong=|22|)=="; fast_pattern:only; metadata: former_category CURRENT_EVENTS; reference:url,www.kahusecurity.com/2012/chinese-pack-using-dadongs-jsxx-vip-script/; classtype:trojan-activity; sid:2025037; rev:2; metadata:created_at 2012_03_01, updated_at 2017_11_27;)

Added 2017-11-27 16:30:29 UTC


Topic revision: r1 - 2021-09-22 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats