[Emerging-Sigs] "F P" for ET TROJAN Suspicious User-Agent - Possible Trojan Downloader (https) 2008019
r.fulton at auckland.ac.nz
Tue Sep 23 18:44:29 EDT 2014
we are seeing several different things using things like this:
I am using the surciata rules which does not check the CR/LF which the original rule did.
More information about the Emerging-sigs