alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET TROJAN Cayosin Botnet User-Agent Observed M2"; flow:established,to_server; content:"Cock/2.0"; http_user_agent; depth:8; fast_pattern; isdataat:!1,relative; metadata: former_category USER_AGENTS; classtype:trojan-activity; sid:2026877; rev:3; metadata:affected_product Linux, attack_target Server, deployment Perimeter, signature_severity Major, created_at 2019_02_04, malware_family Mirai, malware_family Cayosin, performance_impact Low, updated_at 2019_02_04;)

Added 2019-03-05 19:33:58 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET USER_AGENTS Cayosin Botnet User-Agent Observed M2"; flow:established,to_server; content:"Cock/2.0"; http_user_agent; depth:8; fast_pattern; isdataat:!1,relative; metadata: former_category USER_AGENTS; classtype:trojan-activity; sid:2026877; rev:2; metadata:affected_product Linux, attack_target Server, deployment Perimeter, signature_severity Major, created_at 2019_02_04, malware_family Mirai, malware_family Cayosin, performance_impact Low, updated_at 2019_02_04;)

Added 2019-02-07 21:16:06 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET USER_AGENTS Cayosin Botnet User-Agent Observed"; flow:established,to_server; content:"Cock/2.0"; http_user_agent; depth:8; fast_pattern; isdataat:!1,relative; metadata: former_category USER_AGENTS; classtype:trojan-activity; reference: url,https://perchsecurity.com/perch-news/threat-report-sunday-february-3rd-2019/; sid:2026877; rev:1; metadata:affected_product Linux, attack_target Server, deployment Perimeter, signature_severity Major, created_at 2019_02_04, malware_family Mirai, malware_family Cayosin, performance_impact Low, updated_at 2019_02_04;)

Added 2019-02-04 19:48:13 UTC


Topic revision: r2 - 2019-02-05 - PerchNation
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats