| 번호 | 날짜 | ID | 시그니처 (Total Ruleset: 27,111개) | 
| 23,561 | 2016/09/16 | 2023211 | ET TROJAN Windows driverquery -v Microsoft Windows DOS prompt command exit OUTBOUND; | 
| 23,560 | 2016/09/16 | 2023212 | ET TROJAN Windows driverquery -si Microsoft Windows DOS prompt command exit OUTBOUND; | 
| 23,559 | 2016/09/16 | 2023206 | ET TROJAN Windows Microsoft Windows DOS prompt command Error Invalid Argument; | 
| 23,558 | 2016/09/16 | 2023207 | ET TROJAN Windows Microsoft Windows DOS prompt command Error not recognized; | 
| 23,557 | 2016/09/16 | 2023208 | ET TROJAN Windows Microsoft Windows DOS prompt command Error not found; | 
| 23,556 | 2016/09/16 | 2023209 | ET TROJAN Windows net statistics workstation Microsoft Windows DOS prompt command exit OUTBOUND; | 
| 23,555 | 2016/09/16 | 2023210 | ET TROJAN Windows net statistics server Microsoft Windows DOS prompt command exit OUTBOUND; | 
| 23,554 | 2016/09/15 | 2023205 | ET TROJAN Windows dir Microsoft Windows DOS prompt command exit OUTBOUND; | 
| 23,553 | 2016/09/15 | 2023204 | ET TROJAN Quant Loader Download Response; | 
| 23,552 | 2016/09/15 | 2023203 | ET TROJAN Quant Loader Download Request; | 
| 23,551 | 2016/09/15 | 2023201 | ET EXPLOIT Possible MySQL CVE-2016-6662 Attempt; [1] | 
| 23,550 | 2016/09/15 | 2023202 | ET EXPLOIT Possible MySQL cnf overwrite CVE-2016-6662 Attempt; [1] | 
| 23,549 | 2016/09/15 | 2023200 | ET CURRENT_EVENTS RIG EK Landing Sep 13 2016 (b643); | 
| 23,548 | 2016/09/15 | 2023197 | ET USER_AGENTS Microsoft Edge on Windows 10 SET; | 
| 23,547 | 2016/09/15 | 2023198 | ET CURRENT_EVENTS RIG EK Landing Sep 13 2016 (b641); | 
| 23,546 | 2016/09/15 | 2023199 | ET CURRENT_EVENTS RIG EK Landing Sep 13 2016 (b642); | 
| 23,545 | 2016/09/14 | 2023195 | ET CURRENT_EVENTS CVE-2016-0189 Exploit as Observed in Sundown/RIG EK (b646); | 
| 23,544 | 2016/09/14 | 2023190 | ET CURRENT_EVENTS CVE-2016-0189 Exploit as Observed in Sundown/RIG EK (b641); | 
| 23,543 | 2016/09/14 | 2023189 | ET CURRENT_EVENTS EITest Inject (compromised site) M2 Sep 12 2016; | 
| 23,542 | 2016/09/14 | 2023196 | ET CURRENT_EVENTS RIG EK Landing Sep 12 2016 T2; | 
| 23,541 | 2016/09/14 | 2023193 | ET CURRENT_EVENTS CVE-2016-0189 Exploit as Observed in Sundown/RIG EK (b644); | 
| 23,540 | 2016/09/14 | 2023191 | ET CURRENT_EVENTS CVE-2016-0189 Exploit as Observed in Sundown/RIG EK (b642); | 
| 23,539 | 2016/09/14 | 2023194 | ET CURRENT_EVENTS CVE-2016-0189 Exploit as Observed in Sundown/RIG EK (b645); | 
| 23,538 | 2016/09/14 | 2400033 | ET DROP Spamhaus DROP Listed Traffic Inbound group 34; [1] | 
| 23,537 | 2016/09/14 | 2023192 | ET CURRENT_EVENTS CVE-2016-0189 Exploit as Observed in Sundown/RIG EK (b643); | 
| 23,536 | 2016/09/14 | 2023188 | ET CURRENT_EVENTS EITest Inject (compromised site) Sep 12 2016; | 
| 23,535 | 2016/09/14 | 2023184 | ET EXPLOIT Possible Android Stagefright MP4 (CVE 2016-3861) Set; [1] | 
| 23,534 | 2016/09/14 | 2023187 | ET CURRENT_EVENTS Evil Redirector Leading to EK Sep 12 2016; | 
| 23,533 | 2016/09/14 | 2023185 | ET EXPLOIT Possible Android Stagefright MP4 (CVE 2016-3861) ROP; [1] | 
| 23,532 | 2016/09/14 | 2023186 | ET CURRENT_EVENTS Evil Redirector Leading to EK Sep 12 2016 (Flash); | 
| 23,531 | 2016/09/09 | 2023179 | ET TROJAN ABUSE.CH Ransomware Domain Detected (TorrentLocker C2); [1] | 
| 23,530 | 2016/09/09 | 2023183 | ET TROJAN OSX/Mokes.A CnC Heartbeat; [1] | 
| 23,529 | 2016/09/09 | 2023181 | ET CURRENT_EVENTS Successful Ebay Phish Sept 8 2016; | 
| 23,528 | 2016/09/09 | 2023182 | ET TROJAN OSX/Mokes.A CnC Heartbeat Request (set); [1] | 
| 23,527 | 2016/09/09 | 2023180 | ET CURRENT_EVENTS DNS Query to Ebay Phishing Domain; | 
| 23,526 | 2016/09/09 | 2023178 | ET TROJAN ABUSE.CH Ransomware Domain Detected (Locky C2); [1] | 
| 23,525 | 2016/09/07 | 2023160 | ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM); [1] | 
| 23,524 | 2016/09/07 | 2023159 | ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM); [1] | 
| 23,523 | 2016/09/07 | 2023154 | ET TROJAN BartCrypt Payment DNS Query to .onion proxy Domain (s3clm4lufbmfhmeb); | 
| 23,522 | 2016/09/07 | 2023162 | ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Vawtrak CnC); [1] | 
| 23,521 | 2016/09/07 | 2023156 | ET TROJAN Linux/LuaBot CnC Beacon Response; [1] | 
| 23,520 | 2016/09/07 | 2023161 | ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Vawtrak CnC); [1] | 
| 23,519 | 2016/09/07 | 2023158 | ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM); [1] | 
| 23,518 | 2016/09/07 | 2023155 | ET TROJAN Linux/LuaBot CnC Beacon; [1] | 
| 23,517 | 2016/09/07 | 2023157 | ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Vawtrak CnC); [1] | 
| 23,516 | 2016/09/04 | 2023152 | ET CURRENT_EVENTS Encoded CVE-2014-6332 (As Observed in SunDown EK) M2; | 
| 23,515 | 2016/09/04 | 2023153 | ET CURRENT_EVENTS Encoded CVE-2014-6332 (As Observed in SunDown EK) M3; | 
| 23,514 | 2016/09/04 | 2023150 | ET CURRENT_EVENTS Possible Evil Redirector Leading to EK EITest Sep 02 M2; | 
| 23,513 | 2016/09/04 | 2023151 | ET CURRENT_EVENTS Encoded CVE-2014-6332 (As Observed in SunDown EK) M1; | 
| 23,512 | 2016/09/02 | 2023148 | ET TROJAN Locky Ransomware Writing Instructions via SMB; | 
| < 71  72  73  74  75  76  77  78  79  80 > |