""ET TROJAN Silent Miner Changelog Checkin""
SID: 2022034
Revision: 1
Class Type: trojan-activity
Metadata: created_at 2015_11_04, updated_at 2015_11_04
Reference:
-
md5
-
2d51e11a38b7fd448cd0b1d319915e44
Protocol: tcp
Source Network: $EXTERNAL_NET
Source Port: $HTTP_PORTS
Destination Network: $HOME_NET
Destination Port: any
Flow: established,from_server
Contents:
-
Value: "200"
-
Value: "Content-Type|3a 20|text/plain"
-
Value: "Changelog v" Depth: 11
-
Value: "-Added startup folder"
-
Value: "-Changed AutoUpdate Mode"
-
Value: "|7c 7c|----------------"
-
Value: "-Fixed startup .exe without name bug"
-
Value: "-Changed files hosting"
-
Value: "- Added CPU Threads"
Within:
PCRE:
Special Options:
-
http_stat_code
-
http_header
-
file_data
-
fast_pattern