시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
20,6112015/03/06 2020617  ET POLICY DNS Query to .onion Proxy Domain (connect2tor.org);  
20,6102015/03/06 2020614  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 55; [1,2
20,6092015/03/06 2020611  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 52; [1,2
20,6082015/03/06 2020609  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 50; [1,2
20,6072015/03/06 2020615  ET TROJAN Teerac/CryptoFortress .onion Proxy Domain (3v6e2oe5y5ruimpe);  
20,6062015/03/06 2020612  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 53; [1,2
20,6052015/03/06 2020610  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 51; [1,2
20,6042015/03/06 2020607  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 48; [1,2
20,6032015/03/06 2020605  ET CURRENT_EVENTS - WindowBase64.atob Function In Edwards Packed JavaScript, Possible iFrame Injection Detected; [1
20,6022015/03/06 2020606  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 47; [1,2
20,6012015/03/06 2020608  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 49; [1,2
20,6002015/03/05 2020599  ET CURRENT_EVENTS Angler EK XTEA encrypted binary (20);  
20,5992015/03/05 2020598  ET CURRENT_EVENTS Angler EK XTEA encrypted binary (19);  
20,5982015/03/05 2020602  ET TROJAN LogPOS Sending Data; [1
20,5972015/03/05 2020601  ET TROJAN Agent.bnrb Retrieving DLL;  
20,5962015/03/05 2020600  ET CURRENT_EVENTS Angler EK XTEA encrypted binary (21);  
20,5952015/03/05 2020604  ET CURRENT_EVENTS Likely Blackhole eval haha; [1
20,5942015/03/05 2020603  ET EXPLOIT D-Link and TRENDnet ncc2 Service Vulnerability (fwupdate.cpp) 2015-1187; [1
20,5932015/03/05 2020588  ET CURRENT_EVENTS Possible Scam - FakeAV Alert Landing March 2 2015;  
20,5922015/03/05 2020597  ET CURRENT_EVENTS Angler EK XTEA encrypted binary (18);  
20,5912015/03/05 2020594  ET CURRENT_EVENTS Angler EK XTEA encrypted binary (15);  
20,5902015/03/05 2020591  ET CURRENT_EVENTS Angler EK XTEA encrypted binary (12);  
20,5892015/03/05 2020596  ET CURRENT_EVENTS Angler EK XTEA encrypted binary (17);  
20,5882015/03/05 2020595  ET CURRENT_EVENTS Angler EK XTEA encrypted binary (16);  
20,5872015/03/05 2020589  ET CURRENT_EVENTS Possible Scam - FakeAV Alert Landing March 2 2015;  
20,5862015/03/05 2020590  ET EXPLOIT D-Link and TRENDnet ncc2 Service Vulnerability (ping.ccp) 2015-1187; [1
20,5852015/03/05 2020592  ET CURRENT_EVENTS Angler EK XTEA encrypted binary (13);  
20,5842015/03/05 2020593  ET CURRENT_EVENTS Angler EK XTEA encrypted binary (14);  
20,5832015/03/05 2020587  ET CURRENT_EVENTS Possible Scam - FakeAV Alert Request March 2 2015;  
20,5822015/03/05 2020586  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 46; [1,2
20,5812015/03/04 2020585  ET EXPLOIT PCMan FTP Server 2.0.7 Remote Command Execution; [1
20,5802015/03/04 2020583  ET EXPLOIT Seagate Business NAS Unauthenticated Remote Command Execution; [1
20,5792015/03/04 2020582  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (CryptoLocker CnC); [1
20,5782015/03/04 2020584  ET CURRENT_EVENTS Sweet Orange EK Flash Exploit IE March 03 2015;  
20,5772015/02/28 2020581  ET TROJAN Chanitor .onion Proxy Domain;  
20,5762015/02/28 2020578  ET POLICY Privdog Activation; [1,2
20,5752015/02/28 2020580  ET POLICY Privdog Update check; [1,2
20,5742015/02/28 2020579  ET POLICY Privdog Checkin; [1,2
20,5732015/02/26 2020568  ET TROJAN Tinba Checkin 3;  
20,5722015/02/26 2020569  ET TROJAN Unknown Trojan Downloading PE via MSSQL Connection to Non-Standard Port;  
20,5712015/02/26 2020565  ET POLICY Dropbox DNS Lookup - Possible Offsite File Backup in Use; [1
20,5702015/02/26 2020570  ET CURRENT_EVENTS KaiXin Secondary Landing Page;  
20,5692015/02/26 2020566  ET TROJAN Netwire RAT Client HeartBeat;  
20,5682015/02/26 2020560  ET CURRENT_EVENTS DRIVEBY [PwC CTD] -- MultiGroup - ScanBox and Targetted Watering Holes ActiveX Call; [1
20,5672015/02/26 2020572  ET WEB_SERVER WebShell - ASPyder - File Create - POST Structure;  
20,5662015/02/26 2020552  ET ATTACK_RESPONSE Ingres error in HTTP response, possible SQL injection point;  
20,5652015/02/26 2020559  ET CURRENT_EVENTS DRIVEBY [PwC CTD] -- MultiGroup - ScanBox Watering Hole iframe; [1
20,5642015/02/26 2020558  ET CURRENT_EVENTS DRIVEBY [PwC CTD] -- MultiGroup - ScanBox and Targetted Watering Holes PDF; [1
20,5632015/02/26 2020567  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS CnC); [1
20,5622015/02/26 2020555  ET WEB_SERVER ATTACKER WebShell - Weevely - Downloaded;  
< 131  132  133  134  135  136  137  138  139  140 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.