""ET TROJAN Dropper.Win32.Agent.ahju Checkin""
SID: 2012895
Revision: 2
Class Type: trojan-activity
Metadata: created_at 2011_05_31, updated_at 2011_05_31
Reference:
-
md5
-
a264690a775a4e1b3d91c2dbcd850ce9
Protocol: tcp
Source Network: $HOME_NET
Source Port: any
Destination Network: $EXTERNAL_NET
Destination Port: 288
Flow: established,to_server
Contents:
- Value: "|44 78 47 54 33 43 6D 42 66 39 73 39 6C 74 62 6A 35 61 4A 7C 0A|" Depth: 21
Within:
PCRE:
Special Options: