""ET TROJAN W32/Trojan-Gypikon Server Check-in Response""
SID: 2018130
Revision: 3
Class Type: trojan-activity
Metadata: created_at 2014_02_13, updated_at 2014_04_14
Reference:
-
md5
-
792b725b6a2a52e4eecde846b39eea7d
Protocol: tcp
Source Network: $EXTERNAL_NET
Source Port: any
Destination Network: $HOME_NET
Destination Port: any
Flow: established,from_server
Contents:
-
Value: "|85 19 00 00 25 04 00 00 00 00|"
-
Value: "|40 00 00 00 00|"
Within: 6
PCRE:
Special Options: