alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET INFO Possible Phishing Landing - Zeus365 Encoding"; flow:established,to_client; content:"200"; http_stat_code; file_data; content:"|3c 21 2d 2d 20 68 74 6d 6c 20 65 6e 63 72 79 70 74 69 6f 6e 20 70 72 6f 76 69 64 65 64 20 62 79 20 7a 65 75 73 33 36 35 20 2d 2d 3e|"; metadata: former_category CURRENT_EVENTS; classtype:bad-unknown; sid:2027562; rev:2; metadata:affected_product Web_Browsers, attack_target Client_Endpoint, deployment Perimeter, tag Phishing, signature_severity Minor, created_at 2019_06_26, updated_at 2019_06_26;)

Added 2019-06-26 19:54:27 UTC


Topic revision: r1 - 2019-06-26 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats