""ET TROJAN US-CERT TA14-353A Lightweight Backdoor 2""

SID: 2020008

Revision: 1

Class Type: trojan-activity

Metadata: created_at 2014_12_23, updated_at 2014_12_23

Reference:

• Link

Protocol: tcp

Source Network: any

Source Port: any

Destination Network: any

Destination Port: 488

Flow: established,to_server

Contents:

• Value: "|60 db 37 37 37 37 37 37|"

Within:

PCRE:

Special Options:

source