[Emerging-Sigs] Android\Updtkiller

tdzmont tdzmont at gmail.com
Wed Dec 26 05:49:26 HAST 2012


98a8672af274077f94a5ef551a37cc29

alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET
MOBILE_MALWARE Android/Updtkiller Sending Device Information";
flow:established,to_server; content:"/phone_getinfokou_android.php";
http_uri; reference:url,www.symantec.com/ja/jp/security_response/writeup.jsp?docid=2012-082308-1823-99&tabid=2;
classtype:trojan-activity; sid:0; rev:1;)


More information about the Emerging-sigs mailing list