""ET TROJAN W32/GMUnpacker.Downloader Download Instructions Response From CnC""

SID: 2017891

Revision: 1

Class Type: trojan-activity

Metadata: created_at 2013_12_20, updated_at 2013_12_20

Reference:

• md5

• 43e89125ad40b18d22e01f997da8929a

Protocol: tcp

Source Network: $EXTERNAL_NET

Source Port: $HTTP_PORTS

Destination Network: $HOME_NET

Destination Port: any

Flow: established,to_client

Contents:

• Value: ""

• Value: ""

• Value: ""

• Value: "HKEY_LOCAL_MACHINE|5c|SOFTWARE|5c|Microsoft|5c|Windows|5c|CurrentVersion|5c|"

Within: 4

PCRE:

Special Options:

• file_data

source