시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
26,0112018/05/17 2025579  ET CURRENT_EVENTS Successful Generic Phish 2018-05-16 (set);  
26,0102018/05/12 2405207  ET CNC Shadowserver Reported CnC Server Port 64500 Group 1; [1,2
26,0092018/05/12 2405208  ET CNC Shadowserver Reported CnC Server Port 65267 Group 1; [1,2
26,0082018/05/12 2025164  ET TROJAN W32/Patchwork.Backdoor CnC Check-in M2;  
26,0072018/05/12 2025575  ET TROJAN ELF/Muhstik Attempting to Download Payload; [1
26,0062018/05/12 2025163  ET TROJAN W32/Patchwork.Backdoor Communicating with CnC;  
26,0052018/05/12 2025576  ET USER_AGENTS HackingTrio UA (Hello, World);  
26,0042018/05/12 2025574  ET WEB_SPECIFIC_APPS Apache ActiveMQ File Upload RCE (CVE-2016-3088); [1
26,0032018/05/11 2025572  ET CURRENT_EVENTS Paypal Phishing Landing 2018-05-09;  
26,0022018/05/11 2025571  ET CURRENT_EVENTS Paypal Phishing Landing 2018-05-09;  
26,0012018/05/11 2025573  ET CURRENT_EVENTS Paypal Phishing Landing 2018-05-09;  
26,0002018/05/11 2025568  ET CURRENT_EVENTS Netflix Phishing Landing 2018-05-09;  
25,9992018/05/11 2025570  ET CURRENT_EVENTS Paypal Phishing Landing 2018-05-09;  
25,9982018/05/11 2025569  ET CURRENT_EVENTS Netflix Phishing Landing 2018-05-09;  
25,9972018/05/09 2025563  ET CURRENT_EVENTS Possible TSB Bank Phishing Landing 2018-05-07;  
25,9962018/05/09 2025566  ET CURRENT_EVENTS Successful Generic Phish 2018-05-08 (set);  
25,9952018/05/09 2025565  ET CURRENT_EVENTS Successful Generic Phish 2018-05-08 (set);  
25,9942018/05/09 2025562  ET CURRENT_EVENTS Successful IRS Phish 2018-05-07;  
25,9932018/05/09 2025567  ET TROJAN Iron Ransomware Domain (y5mogzal2w25p6bn .ml in DNS Lookup);  
25,9922018/05/09 2025561  ET CURRENT_EVENTS IRS Phishing Landing 2018-05-07;  
25,9912018/05/09 2025564  ET CURRENT_EVENTS Possible Successful TSB Bank Phish 2018-05-07;  
25,9902018/05/08 2025560  ET INFO Observed DNS Query to .myq-see .com DDNS Domain;  
25,9892018/05/08 2025559  ET TROJAN BKransomware Domain (3whyfziey2vr41yq in DNS Lookup);  
25,9882018/05/06 2405206  ET CNC Shadowserver Reported CnC Server Port 65267 Group 1; [1,2
25,9872018/05/06 2405205  ET CNC Shadowserver Reported CnC Server Port 64500 Group 1; [1,2
25,9862018/05/05 2025558  ET CURRENT_EVENTS [PTsecurity] Possible Malicious (HTA-VBS-PowerShell) obfuscated command;  
25,9852018/05/05 2025557  ET TROJAN RedLeaves HOGFISH APT Implant CnC; [1
25,9842018/05/03 2025555  ET CURRENT_EVENTS Netflix Phishing Landing 2018-05-02;  
25,9832018/05/03 2025556  ET CURRENT_EVENTS Paypal Phishing Landing 2018-05-02;  
25,9822018/05/03 2025554  ET CURRENT_EVENTS Possible Successful Generic Phish (set) 2018-05-02;  
25,9812018/05/03 2025553  ET INFO Possible Rogue LoJack Asset Tracking Agent; [1
25,9802018/05/02 2025551  ET CURRENT_EVENTS Docusign Phishing Landing 2018-05-01;  
25,9792018/05/02 2025546  ET TROJAN Observed GandCrab Ransomware Domain (carder .bit in DNS Lookup);  
25,9782018/05/02 2025550  ET CURRENT_EVENTS OneDrive Phishing Landing 2018-05-01;  
25,9772018/05/02 2025547  ET TROJAN Likely GandCrab Ransomware Domain in HTTP Host M1;  
25,9762018/05/02 2025549  ET CURRENT_EVENTS Bank of America Phishing Landing 2018-05-01;  
25,9752018/05/02 2025548  ET TROJAN Likely GandCrab Ransomware Domain in HTTP Host M2;  
25,9742018/05/02 2025552  ET TROJAN Java/QRat Variant Checkin;  
25,9732018/04/29 2025545  ET WEB_SPECIFIC_APPS DNN DNNPersonalization Cookie RCE Attempt (CVE-2017-9822); [1
25,9722018/04/27 2025544  ET TROJAN MSIL/GravityRAT CnC Domain (mylogisoft .com in DNS Lookup); [1
25,9712018/04/27 2025540  ET TROJAN MSIL/G2 Stealer/GravityRAT CnC Checkin; [1
25,9702018/04/27 2025542  ET TROJAN MSIL/GravityRAT CnC Domain (msoftupdates .com in DNS Lookup); [1
25,9692018/04/27 2025536  ET CURRENT_EVENTS Observed Malicious SSL Cert (Coin-Hive In Browser Mining);  
25,9682018/04/27 2025538  ET TROJAN MSIL/G1 Stealer/GravityRAT Uploading File; [1
25,9672018/04/27 2025543  ET TROJAN MSIL/GravityRAT CnC Domain (msoftupdates .eu in DNS Lookup); [1
25,9662018/04/27 2025534  ET WEB_SPECIFIC_APPS Drupalgeddon2 <8.3.9 <8.4.6 <8.5.1 RCE Through Registration Form (CVE-2018-7600); [1
25,9652018/04/27 2025533  ET WEB_SPECIFIC_APPS Drupal RCE (CVE-2018-7602); [1
25,9642018/04/27 2025535  ET CURRENT_EVENTS Observed Coin-Hive In Browser Mining Domain (coin-hive .com in TLS SNI);  
25,9632018/04/27 2025537  ET MALWARE Lavasoft PUA/Adware Client Install;  
25,9622018/04/27 2025539  ET TROJAN MSIL/G1 Stealer/GravityRAT Requesting Payload; [1
< 21  22  23  24  25  26  27  28  29  30 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.