""ET MALWARE 2020search/PowerSearch Toolbar Adware/Spyware - GET""
SID: 2009807
Revision: 6
Class Type: trojan-activity
Metadata: created_at 2010_07_30, updated_at 2019_08_14
Reference:
Protocol: tcp
Source Network: $HOME_NET
Source Port: any
Destination Network: $EXTERNAL_NET
Destination Port: $HTTP_PORTS
Flow: established,to_server
Contents:
-
Value: "GET"
-
Value: "IpAddr="
-
Value: "&OS="
-
Value: "&RegistryChanged="
-
Value: "&RegistryUpdate="
-
Value: "&NewInstallation="
-
Value: "&utilMissing="
-
Value: "&Basedir="
-
Value: "&BundleID="
-
Value: "&InitInstalled="
-
Value: "&Interval="
-
Value: "&LastInitRun="
-
Value: "&LastInitVer="
-
Value: "&LastSrngRun="
-
Value: "&LastUtilRun="
-
Value: "&SrngInstalled="
-
Value: "&SrngVer="
-
Value: "&UtilInstalled="
-
Value: "&UtilVer="
-
Value: "&PCID"
Within:
PCRE:
Special Options:
-
nocase
-
http_method
-
nocase
-
http_uri
-
nocase
-
http_uri
-
nocase
-
http_uri
-
nocase
-
http_uri
-
nocase
-
http_uri
-
nocase
-
http_uri
-
nocase
-
http_uri
-
nocase
-
http_uri
-
nocase
-
http_uri
-
nocase
-
http_uri
-
nocase
-
http_uri
-
nocase
-
http_uri
-
nocase
-
http_uri
-
nocase
-
http_uri
-
nocase
-
http_uri
-
nocase
-
http_uri
-
nocase
-
http_uri
-
nocase
-
http_uri
-
nocase
-
http_uri