alert tcp $EXTERNAL_NET 1024: -> $HOME_NET any (msg:"ET TROJAN Mirai Variant Checkin Response"; flow:established,to_client; content:"|21 2a 20|LOLNOBYE"; isdataat:!1,relative; metadata: former_category TROJAN; reference:url,www.stratosphereips.org/blog/2019/5/17/iot-malware-analysis-series-a-mirai-variant-in-ctu-iot-malware-capture-49-1; classtype:trojan-activity; sid:2027366; rev:1; metadata:affected_product Linux, attack_target IoT?, deployment Perimeter, signature_severity Major, created_at 2019_05_20, malware_family Mirai, updated_at 2019_05_20;)

Added 2019-05-20 20:16:04 UTC


Topic revision: r1 - 2019-05-21 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats