시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
24,8612017/07/26 2024494  ET CURRENT_EVENTS EITest Keitaro Evil Redirect Leading to SocENG July 25 2017;  
24,8602017/07/26 2024491  ET TROJAN Shifr Ransomware CnC DNS Query (v5t5z6a55ksmt3oh);  
24,8592017/07/26 2024495  ET TROJAN CopyKittens Matryoshka DNS Lookup 1 (winupdate64 . com); [1
24,8582017/07/26 2024492  ET TROJAN Shifr Ransomware CnC DNS Query (ojdue4474qghybjb);  
24,8572017/07/26 2024493  ET CURRENT_EVENTS EITest Inject July 25 2017;  
24,8562017/07/26 2024498  ET TROJAN TDTESS Backdoor User-Agent; [1
24,8552017/07/22 2024487  ET TROJAN Possible NotPetya Related DNS query; [1
24,8542017/07/22 2024490  ET TROJAN HTTP Request with suspicious filename - myguy; [1
24,8532017/07/22 2024489  ET TROJAN Win32/Bitshifter Ransomware CnC Checkin;  
24,8522017/07/22 2024486  ET TROJAN Shifr Ransomware Malicious Domain in SNI Observed;  
24,8512017/07/22 2024488  ET TROJAN Possible NotPetya Related DNS query; [1
24,8502017/07/21 2024482  ET TROJAN DarkHotel Downloader CnC Beacon 1; [1
24,8492017/07/21 2024483  ET TROJAN DarkHotel Downloader CnC Beacon 2; [1
24,8482017/07/21 2024484  ET MALWARE ProxyGearPro Proxy Tool PUA;  
24,8472017/07/21 2024485  ET TROJAN Observed Malicious Domain SSL Cert in SNI (Unknown Stealer CnC);  
24,8462017/07/20 2024480  ET CURRENT_EVENTS Tech Support Scam Landing Jul 19 2017;  
24,8452017/07/20 2024481  ET TFTP Outbound TFTP Data Transfer With Cisco Config 2;  
24,8442017/07/20 2024478  ET TROJAN CDT Credphish/Netwire Campaign DNS Lookup; [1
24,8432017/07/20 2024475  ET TROJAN CDT Credphish/Netwire Campaign DNS Lookup; [1
24,8422017/07/20 2024479  ET TROJAN CDT Credphish/Netwire Campaign DNS Lookup; [1
24,8412017/07/20 2024473  ET TROJAN CDT Credphish/Netwire Campaign DNS Lookup; [1
24,8402017/07/20 2024476  ET TROJAN CDT Credphish/Netwire Campaign DNS Lookup; [1
24,8392017/07/20 2024477  ET TROJAN CDT Credphish/Netwire Campaign DNS Lookup; [1
24,8382017/07/20 2024472  ET TROJAN CDT Credphish/Netwire Campaign DNS Lookup; [1
24,8372017/07/20 2024474  ET TROJAN CDT Credphish/Netwire Campaign DNS Lookup; [1
24,8362017/07/19 2024471  ET TROJAN CoinMiner Known Malicious Stratum Authline (2017-07-17 7);  
24,8352017/07/19 2024470  ET INFO HTTP POST to Free Webhost - Possible Successful Phish (site40.net) Jul 18 2017;  
24,8342017/07/18 2024469  ET TROJAN Observed Malicious DNS Query (Reyptson Ransomware CnC);  
24,8332017/07/15 2024468  ET WEB_SPECIFIC_APPS OGNL Expression Injection (CVE-2017-9791); [1
24,8322017/07/15 2024467  ET TROJAN Observed DNS Query to Known Fenrir Ransomware CnC Domain;  
24,8312017/07/14 2024464  ET CURRENT_EVENTS DNS Query to Generic 107 Phishing Domain;  
24,8302017/07/14 2024466  ET TROJAN Win32/Striked Ransomware CnC Checkin;  
24,8292017/07/14 2024465  ET TROJAN Win32/Striked Ransomware CnC Checkin;  
24,8282017/07/14 2022967  ET CURRENT_EVENTS Successful Google Drive/Dropbox Phish Nov 20;  
24,8272017/07/14 2024462  ET CURRENT_EVENTS Successful Netflix Payment Phish M1 Jan 04 2017;  
24,8262017/07/14 2024463  ET CURRENT_EVENTS Successful Generic 107 Phish Jul 13 2017;  
24,8252017/07/13 2024457  ET TROJAN Possible Winnti-related DNS Lookup (job .yoyakuweb .technology); [1
24,8242017/07/13 2024458  ET TROJAN Possible Winnti-related DNS Lookup (resume .immigrantlol .com); [1
24,8232017/07/13 2024456  ET TROJAN Possible Winnti-related DNS Lookup (vps2java .securitytactics .com); [1
24,8222017/07/13 2024460  ET TROJAN Possible Winnti-related DNS Lookup (css .google-statics .com); [1
24,8212017/07/13 2024461  ET TROJAN LockPOS CnC; [1
24,8202017/07/13 2024459  ET TROJAN Possible Winnti-related DNS Lookup (macos .exoticlol .com); [1
24,8192017/07/12 2024452  ET TROJAN Quant Loader v1.45 Download Request;  
24,8182017/07/12 2024450  ET CURRENT_EVENTS Possible Phishing Blockchain title over non SSL Jul 10 2017;  
24,8172017/07/12 2024451  ET CURRENT_EVENTS Possible Facebook Phishing Landing - Title over non SSL;  
24,8162017/07/12 2024454  ET TROJAN CoinMiner Known Malicious Stratum Authline (2017-07-11);  
24,8152017/07/12 2024453  ET CURRENT_EVENTS Possible Capitech Internet Banking Phishing Landing - Title over non SSL;  
24,8142017/07/12 2024455  ET TROJAN MSIL/Unk.Stealer Data Exfil Via HTTP;  
24,8132017/07/09 2024447  ET CURRENT_EVENTS Apple Tech Support Phone Scam Jul 07 2017;  
24,8122017/07/09 2024446  ET CURRENT_EVENTS Microsoft Tech Support Phone Scam M3 Jul 07 2017;  
< 41  42  43  44  45  46  47  48  49  50 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.