Contact us

Solutions

Featured solutions AI Campus and branch Data center WAN Security Service provider Cloud operator Industries

Services

Services

Take me to HPE.com

TROJAN: China Chopper Webshell Command and Control Traffic

This signature detects the Command and Control traffic for the Win.Backdoor.Chopper Webshell Trojan. The source IP host is infected and should be removed from the network for analysis.

References

URL: https://www.fireeye.com/blog/threat-research/2013/08/breaking-down-the-china-chopper-web-shell-part-i.html http://informationonsecurity.blogspot.in/2012/11/china-chopper-webshell.html https://www.exploit-db.com/docs/27654.pdf

Short Name

TROJAN:BACKDOOR:CHINACHOPPERCNC

Severity

Major

Recommended

False

Recommended Action

Drop

Category

TROJAN

Keywords

China Chopper Command Control Traffic Webshell and

Release Date

08/24/2015

Supported Platforms

srx-branch-12.3

srx-branch-19.3

vsrx3bsd-19.2

vsrx3bsd-19.4

srx-branch-19.4

vsrx-19.4

srx-19.4

vsrx-12.3

srx-12.3

vsrx-19.2

srx-19.3

vmx-19.4

mx-12.3

mx-19.4

mx-19.3

vmx-19.3

Sigpack Version

3324

False Positive

Unknown