Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
SHELLCODE:X86:BLOXOR-TCP-CTS |
|---|---|
Severity |
Critical |
Recommended |
No |
Recommended Action |
Drop |
Category |
SHELLCODE |
Keywords |
Metasploit x86/bloxor Encoder Routine Over TCP-CTS |
Release Date |
2014/07/21 |
Update Number |
2303 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
SHELLCODE: Metasploit x86/bloxor Encoder Routine Over TCP-CTS
This signature detects payloads being transferred over network that have been encoded using x86/bloxor encoder routine. This may be an indication of someone trying to evade anti-virus/IPS solutions and possibly drop malicious code.
References