시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
24,8112017/07/09 2024445  ET CURRENT_EVENTS Microsoft Tech Support Phone Scam M1 Jul 07 2017;  
24,8102017/07/09 2024449  ET CURRENT_EVENTS SUSPICIOUS Possible CVE-2017-0199 IE7/NoCookie/Referer HTA dl;  
24,8092017/07/09 2024444  ET CURRENT_EVENTS Microsoft Tech Support Phone Scam M2 Jul 07 2017;  
24,8082017/07/09 2024448  ET CURRENT_EVENTS Microsoft Tech Support Phone Scam M4 Jul 07 2017;  
24,8072017/07/06 2024443  ET TROJAN Possible Win32/Petya Conn Check; [1
24,8062017/07/06 2024441  ET TROJAN Unknown CnC;  
24,8052017/07/06 2024442  ET TROJAN Unknown CnC Response;  
24,8042017/07/01 2024440  ET TROJAN ABUSE.CH Ransomware/Cerber Onion Domain Lookup; [1
24,8032017/07/01 2024436  ET TROJAN Formbook 0.3 Checkin;  
24,8022017/07/01 2024439  ET TROJAN ABUSE.CH Ransomware/Cerber Onion Domain Lookup; [1
24,8012017/07/01 2024437  ET TROJAN ABUSE.CH Ransomware Domain Detected (Locky C2); [1
24,8002017/07/01 2024438  ET TROJAN ABUSE.CH Ransomware Domain Detected (Locky C2); [1
24,7992017/06/30 2024434  ET CURRENT_EVENTS Suspicious FTP RETR to .hta file possible exploit (CVE-2017-0199);  
24,7982017/06/30 2024435  ET EXPLOIT Possible WINS Server Remote Memory Corruption Vulnerability; [1
24,7972017/06/29 2024432  ET INFO Suspicious HTML Hex Obfuscated Title - Possible Phishing Landing Jun 28 2017;  
24,7962017/06/29 2024431  ET CURRENT_EVENTS Watering Hole Redirect Inject Jun 28 2017;  
24,7952017/06/29 2024430  ET CURRENT_EVENTS Possible ETERNALBLUE Exploit M3 MS17-010;  
24,7942017/06/29 2024433  ET TROJAN Observed Malicious SSL Cert (HiddenTear Variant CnC);  
24,7932017/06/29 2024429  ET TROJAN Unknown NetworkWorm Checkin;  
24,7922017/06/27 2024425  ET TROJAN OSX OceanLotus Checkin;  
24,7912017/06/27 2024427  ET TROJAN Naoinstalad Checkin; [1
24,7902017/06/27 2024428  ET TROJAN Powershell/Unknown CnC Checkin;  
24,7892017/06/27 2024426  ET MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.a CnC Beacon;  
24,7882017/06/24 2024424  ET TROJAN x0Proto File Info Request;  
24,7872017/06/24 2024421  ET ATTACK_RESPONSE Possible BeEF HTTP Headers Inbound;  
24,7862017/06/24 2024422  ET CURRENT_EVENTS Amazon Phish Landing Jun 22;  
24,7852017/06/24 2024420  ET TROJAN MalDoc Retrieving Malicious Payload (Possibly Ursnif);  
24,7842017/06/24 2024423  ET TROJAN x0Proto File Contents Exfil Request;  
24,7832017/06/23 2024419  ET TROJAN FF-RAT Stage 1 CnC Checkin; [1
24,7822017/06/21 2024416  ET WEB_CLIENT BeEF HTTP Get Outbound; [1
24,7812017/06/21 2024417  ET TROJAN Fake Windows Scam ScreenLocker;  
24,7802017/06/21 2024418  ET TROJAN DragonOK KHRAT Downloader Receiving Payload;  
24,7792017/06/20 2024415  ET WEB_CLIENT Possible BeEF Module in use;  
24,7782017/06/20 2024407  ET TROJAN Possible Pegasus Related DNS Lookup (mymensaje-sms .com); [1
24,7772017/06/20 2024412  ET EXPLOIT Possible SharePoint XSS (CVE-2017-8514) Inbound; [1
24,7762017/06/20 2024414  ET CURRENT_EVENTS RIG EK Broken/Filtered Payload Download Jun 19 2017;  
24,7752017/06/20 2024409  ET TROJAN Possible Pegasus Related DNS Lookup (ideas-telcel .com.mx); [1
24,7742017/06/20 2024405  ET TROJAN Possible Pegasus Related DNS Lookup (secure-access10 .mx); [1
24,7732017/06/20 2024408  ET TROJAN Possible Pegasus Related DNS Lookup (smscentro .com); [1
24,7722017/06/20 2024406  ET TROJAN Possible Pegasus Related DNS Lookup (network190 .com); [1
24,7712017/06/20 2024413  ET CURRENT_EVENTS CVE-2017-0199 Common Obfus Stage 2 DL;  
24,7702017/06/20 2024411  ET MOBILE_MALWARE Android.Dropper.Abd Checkin; [1
24,7692017/06/20 2024410  ET TROJAN Possible Pegasus Related DNS Lookup (twiitter .com.mx); [1
24,7682017/06/17 2024385  ET CURRENT_EVENTS Possible iCloud Phishing Landing - Title over non SSL;  
24,7672017/06/17 2024402  ET CURRENT_EVENTS Possible Facebook Phishing Landing - Title over non SSL;  
24,7662017/06/17 2024393  ET CURRENT_EVENTS Possible Free Mobile Phishing Landing - Title over non SSL;  
24,7652017/06/17 2024388  ET CURRENT_EVENTS Possible Dropbox Phishing Landing - Title over non SSL;  
24,7642017/06/17 2024391  ET CURRENT_EVENTS Possible Paypal Phishing Landing - Title over non SSL;  
24,7632017/06/17 2024397  ET CURRENT_EVENTS Possible Facebook Help Center Phishing Landing - Title over non SSL;  
24,7622017/06/17 2024390  ET CURRENT_EVENTS Possible Yahoo Phishing Landing - Title over non SSL;  
< 41  42  43  44  45  46  47  48  49  50 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.