[Emerging-Sigs] Syrian MFA Malware

AD elhoim at gmail.com
Sun Dec 2 20:23:29 HAST 2012


http://www.securelist.com/en/blog/774/A_Targeted_Attack_Against_The_Syrian_Ministry_of_Foreign_Affairs

I see three angles:
- User-Agent
- misspelled HTTP header Proxy-Connetion
- misformatted HTTP header Content_length (should be Content-Length)

Regards,
elhoim


More information about the Emerging-sigs mailing list