시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
27,0112018/11/15 2026591  ET CURRENT_EVENTS Observed Malicious SSL Cert (MageCart Group 3 Staging Domain); [1
27,0102018/11/10 2026588  ET TROJAN MSIL.Kraken.v2 HTTP Pattern; [1
27,0092018/11/07 2026578  ET TROJAN APT33/CharmingKitten Encrypted Payload Inbound;  
27,0082018/11/07 2026575  ET TROJAN APT33/CharmingKitten JS/HTA Stage 1 CnC Checkin;  
27,0072018/11/07 2026576  ET TROJAN APT33/CharmingKitten Shellcode Communicating with CnC;  
27,0062018/11/07 2026577  ET TROJAN APT33/CharmingKitten Retrieving New Payload (flowbit set);  
27,0052018/11/07 2026573  ET TROJAN APT33/CharmingKitten DDNS Overlap Domain in DNS Lookup;  
27,0042018/11/07 2026574  ET TROJAN APT33/CharmingKitten DDNS Overlap Domain in DNS Lookup;  
27,0032018/11/07 2026572  ET TROJAN MSIL.BackNet Checkin;  
27,0022018/11/03 2026569  ET INFO GET to Puu.sh for TXT File with Minimal Headers;  
27,0012018/11/02 2026566  ET MOBILE_MALWARE Android/GPlayed (sub1 .tdsworker .ru in DNS Lookup); [1
27,0002018/11/02 2026567  ET EXPLOIT Possible CVE-2018-4407 - Apple ICMP DoS PoC; [1,2
26,9992018/11/02 2026565  ET TROJAN BlackTech/PLEAD TSCookie CnC Checkin M1; [1
26,9982018/11/02 2026568  ET TROJAN BlackTech/PLEAD TSCookie CnC Checkin M2; [1
26,9972018/10/31 2026559  ET TROJAN TrueBot/Silence.Downloader CnC Checkin;  
26,9962018/10/31 2026564  ET TROJAN MSIL/KeyRedirEx Banker Receiving Exit Instruction; [1
26,9952018/10/31 2026560  ET TROJAN TrueBot/Silence.Downloader Keep-Alive;  
26,9942018/10/31 2026562  ET TROJAN MSIL/KeyRedirEx Banker Requesting Redirect/Inject List; [1
26,9932018/10/31 2026563  ET TROJAN MSIL/KeyRedirEx Banker Receiving Redirect/Inject List; [1
26,9922018/10/31 2026561  ET POLICY External Host Creating Docker Container; [1
26,9912018/10/28 2026558  ET USER_AGENTS Suspicious UA Observed (IEhook);  
26,9902018/10/28 2026557  ET TROJAN Win32/Agent.AAAI - Possible DNS Tunneling/CnC;  
26,9892018/10/27 2026553  ET CURRENT_EVENTS Successful Generic Phish to zap-webspace.com Webhost 2018-10-25;  
26,9882018/10/27 2026556  ET TROJAN Sharik/Smoke Fake 404 Response with Payload Location;  
26,9872018/10/27 2026554  ET CURRENT_EVENTS Successful Cryptocurrency Exchange Phish (set) 2018-10-25;  
26,9862018/10/27 2026555  ET TROJAN Sharik/Smoke CnC Beacon 12;  
26,9852018/10/27 2026552  ET WEB_SERVER Possible jQuery File Upload Attempt; [1
26,9842018/10/26 2026542  ET TROJAN Octopus Malware CnC Server Request; [1
26,9832018/10/26 2026543  ET TROJAN Octopus Malware CnC Server Connectivity Check; [1
26,9822018/10/26 2026544  ET TROJAN Octopus Malware CnC Activity; [1
26,9812018/10/26 2026539  ET TROJAN Possible APT28 DOC Uploader SSL/TLS Certificate Observed;  
26,9802018/10/26 2026551  ET TROJAN MICROPSIA HTTP Failover Reporting Infected System Information and RAT Version; [1
26,9792018/10/26 2026549  ET TROJAN MICROPSIA HTTP Failover Response M2; [1
26,9782018/10/26 2026547  ET TROJAN MICROPSIA HTTP Failover CnC Checkin; [1
26,9772018/10/26 2026548  ET TROJAN MICROPSIA HTTP Failover Response M1; [1
26,9762018/10/26 2026546  ET TROJAN MICROPSIA CnC Domain Observed in SNI (samwinchester .club); [1
26,9752018/10/26 2026550  ET TROJAN MICROPSIA Sending JPG Screenshot to CnC with .his Extension; [1
26,9742018/10/26 2026545  ET TROJAN Sidewinder Stage 2 VBS Downloader Reporting Successful Infection; [1
26,9732018/10/26 2026541  ET TROJAN Octopus Malware Initial Connectivity Check; [1
26,9722018/10/26 2026537  ET POLICY Suspicious EXE Download Content-Type image/jpeg;  
26,9712018/10/25 2026536  ET CURRENT_EVENTS Possible Successful Generic Phish to .gqn Domain 2018-10-23;  
26,9702018/10/25 2026531  ET WEB_CLIENT IE Double Free (CVE-2018-8460);  
26,9692018/10/25 2026535  ET CURRENT_EVENTS Possible Successful Generic Phish to .gq Domain 2018-10-23;  
26,9682018/10/25 2026534  ET CURRENT_EVENTS Possible Successful Generic Phish to .ga Domain 2018-10-23;  
26,9672018/10/25 2026533  ET CURRENT_EVENTS Possible Successful Generic Phish to .cf Domain 2018-10-23;  
26,9662018/10/25 2026532  ET CURRENT_EVENTS Possible Successful Generic Phish to .ml Domain 2018-10-23;  
26,9652018/10/24 2026529  ET CURRENT_EVENTS Successful Fedex/DHL Phish (set) 2018-10-22;  
26,9642018/10/24 2026530  ET CURRENT_EVENTS Successful Generic Phish (set) 2018-10-22;  
26,9632018/10/24 2026528  ET TROJAN Win32/Banload.Downloader Variant CnC Check-in;  
26,9622018/10/21 2026527  ET TROJAN Zebrocy Backdoor CnC Activity;  
1  2  3  4  5  6  7  8  9  10 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.