Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- alert tcp $HOME_NET any -> $EXTERNAL_NET !$HTTP_PORTS (msg:"TROJAN Netwire RAT Varent 1 Client HeartBeat C2"; flow:established,to_server; dsize:<80; content:"|41 00 00 00 99|"; depth:5; classtype:trojan-activity; sid:20166267; rev:5; metadata:created_at 2018_11_18;)
- alert tcp $HOME_NET any -> $EXTERNAL_NET !$HTTP_PORTS (msg:"TROJAN Netwire RAT Varent 2 Client HeartBeat C2"; flow:established,to_server; dsize:<80; content:"|41 00 00 00 83|"; depth:5; classtype:trojan-activity; sid:20166268; rev:5; metadata:created_at 2018_11_18;)
Advertisement
Add Comment
Please, Sign In to add comment
