""ET TROJAN Alureon Checkin""
SID: 2019717
Revision: 1
Class Type: trojan-activity
Metadata: created_at 2014_11_18, former_category MALWARE, updated_at 2022_05_03
Reference:
-
md5
-
2155b7942ddc6d7a82e7d96a8c594501
Protocol: tcp
Source Network: $HOME_NET
Source Port: any
Destination Network: $EXTERNAL_NET
Destination Port: any
Flow: established,to_server
Contents:
-
Value: "winver=" Depth: 7
-
Value: "&ver="
Within:
PCRE: "/^winver=\d+&ver=\d+$/"
Special Options: