Signature List
Total Ruleset: 27,111

No.     Date        ID       Signature
25,611  2018/01/23  2025230  ET TROJAN VBS.ARS Checkin [1]
25,610  2018/01/23  2025236  ET CURRENT_EVENTS Possible Compromised Wordpress - Generic Phishing Landing 2018-01-22
25,609  2018/01/23  2025227  ET INFO Possible Phishing Landing - Common Multiple JS Unescape May 25 2017
25,608  2018/01/20  2025224  ET TROJAN Unknown EXE Dropped by 2017-11882 RTF [1]
25,607  2018/01/20  2025226  ET CURRENT_EVENTS Microsoft Questionnaire Phishing Landing 2018-01-19
25,606  2018/01/20  2025225  ET TROJAN Win32.Drun Checkin [1]
25,605  2018/01/20  2025223  ET EXPLOIT Possible Belkin N600DB Wireless Router Request Forgery Attempt
25,604  2018/01/20  2025222  ET EXPLOIT Generic ADSL Router DNS Change Request
25,603  2017/12/09  2405164  ET CNC Shadowserver Reported CnC Server Port 65267 Group 1 [1,2]
25,602  2017/12/08  2405162  ET CNC Shadowserver Reported CnC Server Port 54321 Group 1 [1,2]
25,601  2017/12/08  2405163  ET CNC Shadowserver Reported CnC Server Port 65267 Group 1 [1,2]
25,600  2017/12/08  2025141  ET TROJAN Injected WP Keylogger/Coinminer Domain Detected (cloudflare .solutions in DNS Lookup) [1]
25,599  2017/12/08  2025142  ET TROJAN Sharik/Smoke CnC Beacon 8
25,598  2017/12/07  2405161  ET CNC Shadowserver Reported CnC Server Port 65267 Group 1 [1,2]
25,597  2017/12/07  2025138  ET POLICY localtunnel Reverse Proxy Domain (localtunnel .me in DNS Lookup) [1]
25,596  2017/12/07  2025139  ET POLICY localtunnel Reverse Proxy Domain (localtunnel .me in TLS SNI) [1]
25,595  2017/12/07  2025140  ET CURRENT_EVENTS Possible MyEtherWallet Phishing Landing - Title over non SSL
25,594  2017/12/07  2025123  ET INFO MIPS File Download Request from IP Address
25,593  2017/12/07  2025135  ET TROJAN [PTsecurity] Botnet Nitol.B Checkin
25,592  2017/12/07  2025137  ET CURRENT_EVENTS Possible Facebook Phishing Landing - Title over non SSL
25,591  2017/12/07  2025133  ET POLICY possible OnePlus phone data leakage DNS [1]
25,590  2017/12/07  2025125  ET INFO ARM7 File Download Request from IP Address
25,589  2017/12/07  2025120  ET TROJAN Possible Sharik/Smoke Loader Microsoft Connectivity check
25,588  2017/12/07  2025131  ET INFO SUPERH File Download Request from IP Address
25,587  2017/12/07  2025130  ET INFO X86_64 File Download Request from IP Address
25,586  2017/12/07  2025126  ET INFO x86 File Download Request from IP Address
25,585  2017/12/07  2025128  ET INFO SPARC File Download Request from IP Address
25,584  2017/12/07  2025122  ET INFO MIPSEL File Download Request from IP Address
25,583  2017/12/07  2025129  ET INFO POWERPC File Download Request from IP Address
25,582  2017/12/07  2025127  ET INFO m68k File Download Request from IP Address
25,581  2017/12/07  2025121  ET TROJAN MewsSpy.AE Onion Domain (cxkefbwo7qcmlelb in DNS Lookup)
25,580  2017/12/07  2025134  ET POLICY OnePlus phone data leakage [1]
25,579  2017/12/07  2025132  ET EXPLOIT Realtek SDK Miniigd UPnP SOAP Command Execution CVE-2014-8361 [1,2,3]
25,578  2017/12/07  2025136  ET TROJAN njRAT/Bladabindi Variant (Lime) CnC Checkin
25,577  2017/12/07  2025124  ET INFO ARM File Download Request from IP Address
25,576  2017/12/07  2025119  ET TROJAN Sharik/Smoke CnC Beacon 7
25,575  2017/12/07  2025118  ET TROJAN Observed SluttyPutty Maldoc User-Agent
25,574  2017/12/06  2405160  ET CNC Shadowserver Reported CnC Server Port 65267 Group 1 [1,2]
25,573  2017/12/06  2025117  ET POLICY localtunnel Sucessful Connection Setup [1]
25,572  2017/12/06  2025107  ET INFO DNS Query for Suspicious .cf Domain
25,571  2017/12/06  2025106  ET INFO DNS Query for Suspicious .ml Domain
25,570  2017/12/06  2025104  ET INFO DNS Query for Suspicious .gq Domain
25,569  2017/12/06  2025100  ET INFO HTTP POST Request to Suspicious *.gq domain
25,568  2017/12/06  2025114  ET CURRENT_EVENTS Successful EDU Phish 2017-12-04
25,567  2017/12/06  2025102  ET INFO HTTP POST Request to Suspicious *.ml Domain
25,566  2017/12/06  2025116  ET POLICY localtunnel Connection Setup Attempt [1]
25,565  2017/12/06  2025097  ET INFO HTTP POST Request to Suspicious *.gdn Domain
25,564  2017/12/06  2025103  ET INFO HTTP POST Request to Suspicious *.cf Domain
25,563  2017/12/06  2025101  ET INFO HTTP POST Request to Suspicious *.ga Domain
25,562  2017/12/06  2025098  ET INFO DNS Query for Suspicious .gdn Domain
GigaVPN & GigaIPS are based on MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.