Signature List
Total Ruleset: 27,111
No. | Date | ID | Signature
25,461 | 2017/11/17 | 2025010 | ET TROJAN Powershell commands sent B64 1
25,460 | 2017/11/17 | 2024999 | ET CURRENT_EVENTS Successful OWA Phish Apr 25 2017
25,459 | 2017/11/17 | 2025002 | ET CURRENT_EVENTS Successful Personalized OWA Webmail Phish Oct 04 2016
25,458 | 2017/11/17 | 2025004 | ET CURRENT_EVENTS Google Drive Phishing Landing Sept 3
25,457 | 2017/11/17 | 2025005 | ET CURRENT_EVENTS Possible Successful Generic Phish Jan 14 2016
25,456 | 2017/11/17 | 2025006 | ET CURRENT_EVENTS Possible Phishing Redirect Feb 09 2016
25,455 | 2017/11/17 | 2025009 | ET POLICY PTsecurity Remote Desktop AeroAdmin handshake
25,454 | 2017/11/17 | 2025011 | ET TROJAN Powershell commands sent B64 2
25,453 | 2017/11/17 | 2024998 | ET CURRENT_EVENTS Successful Generic AES Phish M2 Oct 24 2017
25,452 | 2017/11/17 | 2025000 | ET CURRENT_EVENTS Possible Successful Phish to Hostinger Domains Apr 4 M4
25,451 | 2017/11/17 | 2025001 | ET CURRENT_EVENTS Possible Successful Websocket Credential Phish Sep 15 2017
25,450 | 2017/11/17 | 2024997 | ET CURRENT_EVENTS Successful Generic AES Phish M1 Oct 24 2017
25,449 | 2017/11/17 | 2025003 | ET CURRENT_EVENTS Successful TeamIPwned Phish Aug 30 2016
25,448 | 2017/11/17 | 2025008 | ET POLICY PTsecurity Remote Desktop AeroAdmin Server Hello
25,447 | 2017/11/16 | 2405149 | ET CNC Shadowserver Reported CnC Server Port 65267 Group 1
25,446 | 2017/11/16 | 2024994 | ET WEB_CLIENT PWNJS JS Constructs
25,445 | 2017/11/16 | 2024993 | ET WEB_CLIENT Type Confusion Microsoft Edge (CVE-2017-11873)
25,444 | 2017/11/16 | 2024992 | ET TROJAN Lazarus FALLCHILL Fake SSL Checkin 2
25,443 | 2017/11/16 | 2024996 | ET WEB_CLIENT Google Chrome XSS (CVE-2017-5124)
25,442 | 2017/11/16 | 2024990 | ET TROJAN Lazarus FALLCHILL Fake SSL Checkin 1
25,441 | 2017/11/16 | 2024991 | ET TROJAN Win32/TinyNuke CnC Checkin
25,440 | 2017/11/16 | 2024995 | ET WEB_CLIENT Apple Safari UXSS (CVE-2017-7089)
25,439 | 2017/11/15 | 2405148 | ET CNC Shadowserver Reported CnC Server Port 65267 Group 1
25,438 | 2017/11/15 | 2405147 | ET CNC Shadowserver Reported CnC Server Port 54321 Group 1
25,437 | 2017/11/15 | 2024985 | ET CURRENT_EVENTS SocEng Fake Font Download Template Nov 14 2017
25,436 | 2017/11/15 | 2024983 | ET TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain
25,435 | 2017/11/15 | 2024986 | ET TROJAN SunOrcal Reaver Domain Observed (tashdqdxp .com in DNS Lookup)
25,434 | 2017/11/15 | 2024987 | ET TROJAN SunOrcal Reaver Domain Observed (weryhstui .com in DNS Lookup)
25,433 | 2017/11/15 | 2024981 | ET TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain
25,432 | 2017/11/15 | 2024984 | ET TROJAN Win32/RCAP CnC Checkin
25,431 | 2017/11/15 | 2024988 | ET TROJAN SunOrcal Reaver Domain Observed (fyoutside .com in DNS Lookup)
25,430 | 2017/11/15 | 2024989 | ET TROJAN SunOrcal Reaver Domain Observed (olinaodi .com in DNS Lookup)
25,429 | 2017/11/15 | 2024982 | ET TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain
25,428 | 2017/11/14 | 2405145 | ET CNC Shadowserver Reported CnC Server Port 54321 Group 1
25,427 | 2017/11/14 | 2405146 | ET CNC Shadowserver Reported CnC Server Port 65267 Group 1
25,426 | 2017/11/14 | 2405144 | ET CNC Shadowserver Reported CnC Server Port 51987 Group 1
25,425 | 2017/11/14 | 2405143 | ET CNC Shadowserver Reported CnC Server Port 47221 Group 1
25,424 | 2017/11/14 | 2024980 | ET EXPLOIT Actiontec C1000A backdoor account
25,423 | 2017/11/14 | 2024979 | ET TROJAN Observed Malicious SSL Cert (IcedID CnC)
25,422 | 2017/11/11 | 2405141 | ET CNC Shadowserver Reported CnC Server Port 54321 Group 1
25,421 | 2017/11/11 | 2405142 | ET CNC Shadowserver Reported CnC Server Port 65267 Group 1
25,420 | 2017/11/11 | 2405140 | ET CNC Shadowserver Reported CnC Server Port 51987 Group 1
25,419 | 2017/11/09 | 2024972 | ET WEB_CLIENT pshell dl/execute primitives in wideb64 2
25,418 | 2017/11/09 | 2024975 | ET WEB_CLIENT pshell dl/execute primitives in wideb64 5
25,417 | 2017/11/09 | 2024978 | ET INFO Browser Plugin Detect - Observed in Apple Phishing
25,416 | 2017/11/09 | 2024973 | ET WEB_CLIENT pshell dl/execute primitives in wideb64 3
25,415 | 2017/11/09 | 2024976 | ET WEB_CLIENT pshell dl/execute primitives in wideb64 6
25,414 | 2017/11/09 | 2024974 | ET WEB_CLIENT pshell dl/execute primitives in wideb64 4
25,413 | 2017/11/09 | 2024977 | ET ATTACK_RESPONSE 401TRG Perl DDoS IRCBot File Download
25,412 | 2017/11/09 | 2024971 | ET WEB_CLIENT pshell dl/execute primitives in wideb64 1
GigaVPN & GigaIPS are based on MikroTik, Suricata and EmergingThreats.