시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
26,1612018/07/18 2025722  ET POLICY Powershell Command With No Profile Argument Over SMB - Likely Lateral Movement;  
26,1602018/07/18 2025706  ET POLICY SMB NT Create AndX Request For a .bat File;  
26,1592018/07/18 2025708  ET POLICY SMB NT Create AndX Request For a DLL File;  
26,1582018/07/18 2025724  ET POLICY Powershell Command With NonInteractive Argument Over SMB - Likely Lateral Movement;  
26,1572018/07/18 2025715  ET CURRENT_EVENTS Fake Adobe Software Update Landing; [1
26,1562018/07/18 2025717  ET WEB_SPECIFIC_APPS ELF file magic encoded Base64 Inbound Web Servers Likely Command Execution 2;  
26,1552018/07/18 2025723  ET POLICY Powershell Command With Execution Bypass Argument Over SMB - Likely Lateral Movement;  
26,1542018/07/18 2025716  ET WEB_SPECIFIC_APPS ELF file magic encoded Base64 Inbound Web Servers Likely Command Execution 1;  
26,1532018/07/18 2025700  ET POLICY SMB NT Create AndX Request For an Executable File;  
26,1522018/07/18 2025707  ET POLICY SMB2 NT Create AndX Request For a .bat File;  
26,1512018/07/18 2025702  ET POLICY SMB NT Create AndX Request For an Executable File In a Temp Directory;  
26,1502018/07/18 2025710  ET POLICY SMB NT Create AndX Request For a .sys File - Possible Lateral Movement;  
26,1492018/07/18 2025721  ET POLICY Powershell Command With Encoded Argument Over SMB - Likely Lateral Movement;  
26,1482018/07/18 2025704  ET POLICY SMB NT Create AndX Request For a Powershell .ps1 File;  
26,1472018/07/18 2025705  ET POLICY SMB2 NT Create AndX Request For a Powershell .ps1 File;  
26,1462018/07/18 2025719  ET POLICY Powershell Activity Over SMB - Likely Lateral Movement;  
26,1452018/07/18 2025713  ET POLICY SMB2 Remote AT Scheduled Job Create Request;  
26,1442018/07/18 2025714  ET POLICY SMB Remote AT Scheduled Job Pipe Creation;  
26,1432018/07/18 2025699  ET POLICY SMB Executable File Transfer;  
26,1422018/07/18 2025720  ET POLICY Powershell Command With Hidden Window Argument Over SMB - Likely Lateral Movement;  
26,1412018/07/18 2025712  ET POLICY SMB Remote AT Scheduled Job Create Request - Possible Lateral Movement;  
26,1402018/07/18 2025697  ET TROJAN Rostpay Downloader User-Agent;  
26,1392018/07/18 2025701  ET POLICY SMB2 NT Create AndX Request For an Executable File;  
26,1382018/07/18 2025703  ET POLICY SMB2 NT Create AndX Request For an Executable File In a Temp Directory;  
26,1372018/07/18 2025711  ET POLICY SMB2 NT Create AndX Request For a .sys File - Possible Lateral Movement;  
26,1362018/07/18 2025718  ET WEB_SPECIFIC_APPS ELF file magic encoded Base64 Inbound Web Servers Likely Command Execution 3;  
26,1352018/07/18 2025709  ET POLICY SMB2 NT Create AndX Request For a DLL File - Possible Lateral Movement;  
26,1342018/07/18 2025698  ET CURRENT_EVENTS Bank of America Phishing Landing;  
26,1332018/07/15 2025696  ET CURRENT_EVENTS Suspicious Wordpress Redirect - Possible Phishing Landing (set) Jan 7;  
26,1322018/07/14 2025695  ET SHELLCODE Execve(/bin/sh) Shellcode;  
26,1312018/07/14 2025693  ET CURRENT_EVENTS Apple Phishing Landing Nov 10 2017;  
26,1302018/07/14 2025694  ET CURRENT_EVENTS Adobe Online Document Phishing Landing M1 Mar 25 2017;  
26,1292018/07/14 2025692  ET CURRENT_EVENTS Chase Account Phish Landing Oct 22;  
26,1282018/07/14 2025690  ET CURRENT_EVENTS DHL Phish Landing Sept 14 2015;  
26,1272018/07/14 2025691  ET CURRENT_EVENTS Chase Mobile Phishing Landing M2;  
26,1262018/07/14 2025689  ET CURRENT_EVENTS Dropbox Phishing Landing Feb 27 2017;  
26,1252018/07/14 2025687  ET CURRENT_EVENTS Email Settings Error Phishing Landing Nov 16 2016;  
26,1242018/07/14 2025688  ET CURRENT_EVENTS Dropbox Shared Document Phishing Landing Feb 21 2017;  
26,1232018/07/14 2025685  ET CURRENT_EVENTS Generic Phishing Landing 2018-01-12;  
26,1222018/07/14 2025686  ET CURRENT_EVENTS Excel/Adobe Online Phishing Landing Nov 25 2015;  
26,1212018/07/14 2025684  ET CURRENT_EVENTS Google Drive Phish Landing Sept 1 2016;  
26,1202018/07/14 2025683  ET CURRENT_EVENTS Google Drive Phishing Landing Jul 10 2015;  
26,1192018/07/14 2025677  ET CURRENT_EVENTS Mailbox Update Phishing Landing M1 May 16;  
26,1182018/07/14 2025673  ET CURRENT_EVENTS Possible Office 365 Phishing Landing Aug 24 2016;  
26,1172018/07/14 2025654  ET CURRENT_EVENTS Chalbhai Phishing Landing Feb 18 2016;  
26,1162018/07/14 2025674  ET CURRENT_EVENTS Possible Chase Phishing Landing - Title over non SSL;  
26,1152018/07/14 2025661  ET CURRENT_EVENTS Dropbox Phishing Landing May 31 2017;  
26,1142018/07/14 2025664  ET CURRENT_EVENTS Microsoft Live Email Account Phishing Landing Mar 16 2017;  
26,1132018/07/14 2025657  ET CURRENT_EVENTS AES Crypto Observed in Javascript - Possible Phishing Landing M1 Dec 28 2015;  
26,1122018/07/14 2025667  ET CURRENT_EVENTS Apple Phishing Landing M2 Feb 13 2017;  
< 11  12  13  14  15  16  17  18  19  20 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.