alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_CLIENT Tech Support Scam Landing M1 2019-04-15"; flow:established,from_server; content:"200"; http_stat_code; file_data; content:"alert|28 22|Windows|20|Firewall|20|has|20|detected|20|that|20|your|20|Windows"; fast_pattern; content:"system|20|files|20|are|20|automatically|20|deleted"; distance:0; within:200; content:"Please|20|follow|20|the|20|instructions"; distance:0; within:200; classtype:trojan-activity; sid:2027197; rev:2; metadata:created_at 2019_04_15, former_category WEB_CLIENT, tag Tech_Support_Scam, tag Malvertising, updated_at 2020_08_19;)

Added 2020-08-19 18:14:33 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_CLIENT Tech Support Scam Landing M1 2019-04-15"; flow:established,from_server; content:"200"; http_stat_code; file_data; content:"alert|28 22|Windows|20|Firewall|20|has|20|detected|20|that|20|your|20|Windows"; fast_pattern; content:"system|20|files|20|are|20|automatically|20|deleted"; distance:0; within:200; content:"Please|20|follow|20|the|20|instructions"; distance:0; within:200; classtype:trojan-activity; sid:2027197; rev:2; metadata:created_at 2019_04_15, former_category WEB_CLIENT, tag Tech_Support_Scam, tag Malvertising, updated_at 2019_04_15;)

Added 2020-08-05 19:16:08 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_CLIENT Tech Support Scam Landing M1 2019-04-15"; flow:established,from_server; content:"200"; http_stat_code; file_data; content:"alert|28 22|Windows|20|Firewall|20|has|20|detected|20|that|20|your|20|Windows"; fast_pattern; content:"system|20|files|20|are|20|automatically|20|deleted"; distance:0; within:200; content:"Please|20|follow|20|the|20|instructions"; distance:0; within:200; metadata: former_category WEB_CLIENT; classtype:trojan-activity; sid:2027197; rev:2; metadata:tag Tech_Support_Scam, tag Malvertising, created_at 2019_04_15, updated_at 2019_04_15;)

Added 2019-09-26 19:58:45 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_CLIENT Tech Support Scam Landing M1 2019-04-15"; flow:established,from_server; content:"200"; http_stat_code; file_data; content:"alert|28 22|Windows|20|Firewall|20|has|20|detected|20|that|20|your|20|Windows"; fast_pattern; content:"system|20|files|20|are|20|automatically|20|deleted"; distance:0; within:200; content:"Please|20|follow|20|the|20|instructions"; distance:0; within:200; metadata: former_category CURRENT_EVENTS; classtype:trojan-activity; sid:2027197; rev:2; metadata:tag Tech_Support_Scam, tag Malvertising, created_at 2019_04_15, updated_at 2019_04_15;)

Added 2019-08-16 19:27:25 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET CURRENT_EVENTS Tech Support Scam Landing M1 2019-04-15"; flow:established,from_server; content:"200"; http_stat_code; file_data; content:"alert|28 22|Windows|20|Firewall|20|has|20|detected|20|that|20|your|20|Windows"; fast_pattern; content:"system|20|files|20|are|20|automatically|20|deleted"; distance:0; within:200; content:"Please|20|follow|20|the|20|instructions"; distance:0; within:200; metadata: former_category CURRENT_EVENTS; classtype:trojan-activity; sid:2027197; rev:1; metadata:tag Tech_Support_Scam, tag Malvertising, created_at 2019_04_15, updated_at 2019_04_15;)

Added 2019-04-15 19:06:46 UTC



This topic: Main > 2027197
Topic revision: r1 - 2020-08-19 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats