Signature List
No.  Date  ID  Signature (Total Ruleset: 27,111)
24,711  2017/06/08  2024362  ET CURRENT_EVENTS SunDown EK RIP Landing M4 B641
24,710  2017/06/08  2024357  ET CURRENT_EVENTS SunDown EK RIP Landing M2 B642
24,709  2017/06/08  2024354  ET CURRENT_EVENTS SunDown EK RIP Landing M1 B642
24,708  2017/06/08  2024353  ET CURRENT_EVENTS SunDown EK RIP Landing M1 B641
24,707  2017/06/07  2024351  ET TROJAN Executioner Ransomware Reporting Infection via SMTP
24,706  2017/06/07  2024352  ET TROJAN MSIL/Unk.HT-Based Ransomware CnC Checkin
24,705  2017/06/06  2024348  ET TROJAN Win32/Fireball Activity
24,704  2017/06/06  2024350  ET CURRENT_EVENTS RoughTed Malvertising Request
24,703  2017/06/06  2024349  ET CURRENT_EVENTS Observed DNS Query for RoughTed Malvertising Domain
24,702  2017/06/03  2024344  ET CURRENT_EVENTS Terror EK Payload URI T1 Jun 02 2017
24,701  2017/06/03  2024346  ET CURRENT_EVENTS Terror EK Landing T1 Jun 02 2017 M1
24,700  2017/06/03  2024345  ET CURRENT_EVENTS Terror EK Payload URI T1 Jun 02 2017 M2
24,699  2017/06/03  2024347  ET CURRENT_EVENTS Terror EK Landing T1 Jun 02 2017 M2
24,698  2017/06/03  2024343  ET CURRENT_EVENTS Terror EK Landing URI T1 Jun 02 2017
24,697  2017/06/02  2024342  ET WEB_SPECIFIC_APPS Joomla 3.7.0 - Sql Injection (CVE-2017-8917)
24,696  2017/06/01  2404599  ET CNC Ransomware Tracker Reported CnC Server group 200
24,695  2017/06/01  2404598  ET CNC Ransomware Tracker Reported CnC Server group 199
24,694  2017/06/01  2024337  ET EXPLOIT Possible $MFT NTFS Device Access in HTTP Response
24,693  2017/06/01  2024338  ET TROJAN Jaff Ransomware Checkin
24,692  2017/06/01  2024340  ET TROJAN Jaff Ransomware Checkin
24,691  2017/06/01  2024341  ET TROJAN DNS Query to Jaff Domain (comboratiogferrdto . com)
24,690  2017/06/01  2024339  ET TROJAN DNS Query to Jaff Domain (orhangazitur . com)
24,689  2017/05/26  2024333  ET TROJAN APT32 Komprogo DNS Lookup
24,688  2017/05/26  2024330  ET TROJAN APT32 Komprogo DNS Lookup
24,687  2017/05/26  2024331  ET TROJAN APT32 Komprogo DNS Lookup
24,686  2017/05/26  2024332  ET TROJAN APT32 Komprogo DNS Lookup
24,685  2017/05/26  2024329  ET CURRENT_EVENTS Successful Banco do Brasil Phish May 25 2017
24,684  2017/05/26  2024335  ET EXPLOIT Samba Arbitrary Module Loading Vulnerability (.so file write to share) (CVE-2017-7494)
24,683  2017/05/26  2024334  ET TROJAN APT32 Komprogo DNS Lookup
24,682  2017/05/26  2024336  ET EXPLOIT Samba Arbitrary Module Loading Vulnerability (NT Create AndX .so) (CVE-2017-7494)
24,681  2017/05/26  2024328  ET CURRENT_EVENTS Successful Banco do Brasil Phish Mar 30 2017
24,680  2017/05/25  2024327  ET CURRENT_EVENTS Successful Scotiabank Phish M2 May 24 2017
24,679  2017/05/25  2024326  ET CURRENT_EVENTS Successful Scotiabank Phish M1 May 24 2017
24,678  2017/05/24  2405058  ET CNC Shadowserver Reported CnC Server Port 40669 Group 1
24,677  2017/05/24  2024325  ET TROJAN MalDoc Retrieving Payload May 23 2017 2
24,676  2017/05/23  2024323  ET TROJAN UIWIX Ransomware .onion Payment Domain (4ujngbdqqm6t2c53)
24,675  2017/05/23  2024324  ET TROJAN Spora Ransomware DNS Query
24,674  2017/05/19  2024320  ET TROJAN MSIL/EasyLocker Ransomware CnC Activity
24,673  2017/05/19  2024322  ET TROJAN Win32/ASPC Bot CnC Checkin M1
24,672  2017/05/19  2024321  ET TROJAN Win32/ASPC Bot CnC Checkin M2
24,671  2017/05/18  2024306  ET TROJAN MWI Maldoc Load Payload
24,670  2017/05/18  2024319  ET TROJAN Loki Bot Keylogger Data Exfiltration Detected M2
24,669  2017/05/18  2024317  ET TROJAN Loki Bot Application/Credential Data Exfiltration Detected M2
24,668  2017/05/18  2024316  ET TROJAN Loki Bot Screenshot Exfiltration Detected
24,667  2017/05/18  2024318  ET TROJAN Loki Bot Request for C2 Commands Detected M2
24,666  2017/05/18  2024314  ET TROJAN Loki Bot File Exfiltration Detected
24,665  2017/05/18  2024315  ET TROJAN Loki Bot Keylogger Data Exfiltration Detected M1
24,664  2017/05/18  2024313  ET TROJAN Loki Bot Request for C2 Commands Detected M1
24,663  2017/05/18  2024297  ET CURRENT_EVENTS ETERNALBLUE Exploit M2 MS17-010
24,662  2017/05/18  2024308  ET EXPLOIT NB8-01 - Unauthed RCE via bprd
GigaVPN & GigaIPS are based on MikroTik, Suricata and EmergingThreats.