alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Luxsoft Win32/ICLoader User-Agent"; flow:to_server,established; content:"Medunja Solodunnja"; http_user_agent; depth:18; nocase; metadata: former_category MALWARE; reference:url,fortinet.com/blog/threat-research/cookie-maker-inside-the-google-docs-malicious-network.html; classtype:trojan-activity; sid:2026114; rev:4; metadata:affected_product Web_Browsers, attack_target Client_Endpoint, deployment Perimeter, signature_severity Minor, created_at 2018_09_18, updated_at 2019_04_24;)

Added 2019-08-15 20:33:41 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Luxsoft Win32/ICLoader User-Agent"; flow:to_server,established; content:"Medunja Solodunnja"; http_user_agent; depth:18; nocase; metadata: former_category MALWARE; reference:url,fortinet.com/blog/threat-research/cookie-maker-inside-the-google-docs-malicious-network.html; classtype:trojan-activity; sid:2026114; rev:3; metadata:affected_product Web_Browsers, attack_target Client_Endpoint, deployment Perimeter, signature_severity Minor, created_at 2018_09_18, updated_at 2019_04_24;)

Added 2019-04-24 19:04:36 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Luxsoft Win32/ICLoader User-Agent"; flow:to_server,established; content:"POST"; http_method; content:"Medunja Solodunnja 6.0.0"; http_user_agent; nocase; metadata: former_category MALWARE; classtype:trojan-activity; sid:2026114; rev:2; metadata:affected_product Web_Browsers, attack_target Client_Endpoint, deployment Perimeter, signature_severity Minor, created_at 2018_09_18, updated_at 2018_09_18;)

Added 2018-09-18 17:53:16 UTC


Topic revision: r1 - 2019-08-16 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats