""ET TROJAN JavaRAT Requesting Screenshot""
SID: 2026587
Revision: 2
Class Type: trojan-activity
Metadata: affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, created_at 2018_11_07, deployment Perimeter, former_category TROJAN, malware_family JavaRAT, performance_impact Moderate, signature_severity Major, updated_at 2022_03_24, reviewed_at 2023_12_18
Reference:
-
md5
-
9a33176dd80de6f49099a148a2df3491
Protocol: tcp
Source Network: $EXTERNAL_NET
Source Port: any
Destination Network: $HOME_NET
Destination Port: any
Flow: established,to_client
Contents:
-
Value: "SC.CAP_sep_" Depth: 11
-
Value: "sep"
-
Value: "packet"
Within:
PCRE:
Special Options:
- nocase