alert http $EXTERNAL_NET any -> any any (msg:"ET SCAN Mirai Variant User-Agent (Inbound)"; flow:established,to_server; content:"User-Agent|3a 20|APEP"; http_header; fast_pattern; metadata: former_category MALWARE; classtype:attempted-admin; sid:2029025; rev:2; metadata:affected_product Linux, attack_target IoT?, deployment Perimeter, signature_severity Minor, created_at 2019_11_21, updated_at 2020_03_23;)

Added 2020-03-24 02:58:51 UTC


alert http $EXTERNAL_NET any -> any any (msg:"ET SCAN Mirai Variant User-Agent (Inbound)"; flow:established,to_server; content:"User-Agent|3a 20|APEP"; http_header; fast_pattern; metadata: former_category MALWARE; classtype:attempted-admin; sid:2029025; rev:2; metadata:affected_product Linux, attack_target IoT?, deployment Perimeter, signature_severity Minor, created_at 2019_11_21, updated_at 2020_03_23;)

Added 2020-03-24 02:13:11 UTC


alert http $EXTERNAL_NET any -> any any (msg:"ET SCAN Mirai Variant User-Agent (Inbound)"; flow:established,to_server; content:"User-Agent|3a 20|APEP"; http_header; fast_pattern; metadata: former_category MALWARE; classtype:attempted-admin; sid:2029025; rev:2; metadata:affected_product Linux, attack_target IoT?, deployment Perimeter, signature_severity Minor, created_at 2019_11_21, updated_at 2020_03_23;)

Added 2020-03-23 20:11:43 UTC


alert http $EXTERNAL_NET any -> any any (msg:"ET SCAN Mirai Variant User-Agent (Inbound)"; flow:established,to_server; content:"User-Agent|3a 20|APEP"; http_header; fast_pattern; metadata: former_category MALWARE; classtype:attempted-admin; sid:2029025; rev:2; metadata:affected_product Linux, attack_target IoT?, deployment Perimeter, signature_severity Minor, created_at 2019_11_21, updated_at 2020_03_23;)

Added 2020-03-23 20:04:24 UTC


alert http $EXTERNAL_NET any -> any any (msg:"ET SCAN Mirai Variant User-Agent (Inbound)"; flow:established,to_server; content:"User-Agent|3a 20|APEP"; http_header; fast_pattern; pcre:"/^APEP(?:(?:\/|\s)[0-9]\.0)?$/Vi"; metadata: former_category MALWARE; classtype:attempted-admin; sid:2029025; rev:1; metadata:affected_product Linux, attack_target IoT?, deployment Perimeter, signature_severity Minor, created_at 2019_11_21, updated_at 2019_11_21;)

Added 2019-12-04 18:42:21 UTC


alert http $EXTERNAL_NET any -> any any (msg:"ET TROJAN Mirai Variant User-Agent (Inbound)"; flow:established,to_server; content:"User-Agent|3a 20|APEP"; http_header; fast_pattern; pcre:"/^APEP(?:(?:\/|\s)[0-9]\.0)?$/Vi"; metadata: former_category MALWARE; classtype:web-application-attack; sid:2029025; rev:1; metadata:affected_product Linux, attack_target IoT?, deployment Perimeter, signature_severity Minor, created_at 2019_11_21, updated_at 2019_11_21;)

Added 2019-11-21 20:14:21 UTC


Topic revision: r1 - 2020-03-24 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats