시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
26,9112018/10/14 2026474  ET CURRENT_EVENTS Fake FlashPlayer Update Leading to CoinMiner M1 2018-10-12; [1
26,9102018/10/14 2026475  ET CURRENT_EVENTS Fake FlashPlayer Update Leading to CoinMiner M2 2018-10-12; [1
26,9092018/10/13 2026472  ET TROJAN [PTsecurity] Kraken Ransomware Start Activity 2;  
26,9082018/10/13 2026471  ET TROJAN Kraken Ransomware Start Activity 1;  
26,9072018/10/13 2026473  ET TROJAN Kraken Ransomware End Activity;  
26,9062018/10/12 2026465  ET CURRENT_EVENTS Successful Generic Phish (set) 2018-10-10;  
26,9052018/10/12 2026469  ET TROJAN FruityArmor DNS Lookup (weekendstrips .net); [1
26,9042018/10/12 2026467  ET TROJAN Observed Malicious SSL Cert (Win32/Gadwats Banker CnC Domain); [1
26,9032018/10/12 2026470  ET TROJAN FruityArmor DNS Lookup (shelves-design .com); [1
26,9022018/10/12 2026468  ET TROJAN Observed Malicious SSL Cert (Win32/Gadwats Banker CnC Domain); [1
26,9012018/10/12 2026466  ET CURRENT_EVENTS Successful Generic Phish (set) 2018-10-10;  
26,9002018/10/12 2026464  ET SCAN Hello Peppa! Scan Activity; [1
26,8992018/10/11 2026461  ET CURRENT_EVENTS Possible Locky Payload DL Sept 26 2017 M3;  
26,8982018/10/11 2026463  ET CURRENT_EVENTS StarDotStar HELO, suspected AUTH LOGIN botnet;  
26,8972018/10/11 2026460  ET TROJAN Possible Locky JS Downloading Payload;  
26,8962018/10/11 2026462  ET CURRENT_EVENTS Possible Locky Payload DL Sept 26 2017 M4;  
26,8952018/10/10 2026457  ET MOBILE_MALWARE Android APT-C-23 (mail-accout .club in TLS SNI); [1
26,8942018/10/10 2026459  ET MOBILE_MALWARE Android APT-C-23 (pmi-pna .com in TLS SNI); [1
26,8932018/10/10 2026448  ET MOBILE_MALWARE Android APT-C-23 (lyanna-stark .info in DNS Lookup); [1
26,8922018/10/10 2026452  ET MOBILE_MALWARE Android APT-C-23 (cerseilannister .info in DNS Lookup); [1
26,8912018/10/10 2026455  ET MOBILE_MALWARE Android APT-C-23 (harrykane .online in TLS SNI); [1
26,8902018/10/10 2026450  ET MOBILE_MALWARE Android APT-C-23 (parrotchat .co in DNS Lookup); [1
26,8892018/10/10 2026451  ET MOBILE_MALWARE Android APT-C-23 (parrotchat .co in TLS SNI); [1
26,8882018/10/10 2026453  ET MOBILE_MALWARE Android APT-C-23 (cerseilannister .info in TLS SNI); [1
26,8872018/10/10 2026456  ET MOBILE_MALWARE Android APT-C-23 (mail-accout .club in DNS Lookup); [1
26,8862018/10/10 2026458  ET MOBILE_MALWARE Android APT-C-23 (pmi-pna .com in DNS Lookup); [1
26,8852018/10/10 2026454  ET MOBILE_MALWARE Android APT-C-23 (harrykane .online in DNS Lookup); [1
26,8842018/10/10 2026449  ET MOBILE_MALWARE Android APT-C-23 (lyanna-stark .info in TLS SNI); [1
26,8832018/10/10 2026447  ET MOBILE_MALWARE Android APT-C-23 (harper-monty .site in TLS SNI); [1
26,8822018/10/10 2026446  ET MOBILE_MALWARE Android APT-C-23 (harper-monty .site in DNS Lookup); [1
26,8812018/10/10 2026444  ET MOBILE_MALWARE Android APT-C-23 (cecilia-gilbert .com in DNS Lookup); [1
26,8802018/10/10 2026445  ET MOBILE_MALWARE Android APT-C-23 (cecilia-gilbert .com in TLS SNI); [1
26,8792018/10/10 2026442  ET MOBILE_MALWARE Android APT-C-23 (ososezo .site in DNS Lookup); [1
26,8782018/10/10 2026443  ET MOBILE_MALWARE Android APT-C-23 (ososezo .site in TLS SNI); [1
26,8772018/10/05 2026436  ET TROJAN Win32.YordanyanActiveAgent Generic CnC Pattern;  
26,8762018/10/05 2026434  ET TROJAN VBScript Redirect Style Exe File Download;  
26,8752018/10/05 2026441  ET TROJAN APT28 - Web/request -FILE- contenttype; [1
26,8742018/10/05 2026435  ET TROJAN Win32.YordanyanActiveAgent CnC Reporting;  
26,8732018/10/05 2026437  ET TROJAN NCSC XAgent Beacon; [1
26,8722018/10/05 2026438  ET TROJAN NCSC XAgent itwm beacon v1; [1
26,8712018/10/05 2026440  ET TROJAN NCSC APT28 - CompuTrace_Beacon_UserAgent; [1
26,8702018/10/05 2026439  ET TROJAN NCSC XAgent itwm beacon v2; [1
26,8692018/10/03 2026432  ET TROJAN Reaper (APT37) DNS Lookup (kmbr1 .nitesbr1 .org); [1
26,8682018/10/03 2026433  ET TROJAN [PTsecurity] Win32/Remcos RAT Checkin 51;  
26,8672018/10/03 2026431  ET TROJAN Win32/Final1stspy CnC Checkin (Reaper/APT37 Stage 1 Payload); [1
26,8662018/10/03 2026429  ET TROJAN VPNFilter htpx Module C2 Request; [1
26,8652018/10/03 2026430  ET CURRENT_EVENTS Successful Generic .EDU.TW Phish (Legit Set);  
26,8642018/10/03 2026428  ET USER_AGENTS VPNFilter Related UA (curl53); [1
26,8632018/09/30 2026427  ET INFO Possibly Malicious VBS Writing to Persistence Registry Location;  
26,8622018/09/30 2026421  ET CURRENT_EVENTS Underminer EK Key POST;  
1  2  3  4  5  6  7  8  9  10 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.