시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
25,0612017/09/09 2024687  ET TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (ZeusPanda MITM); [1
25,0602017/09/09 2024680  ET TROJAN ABUSE.CH Zloader CnC Domain Detected;  
25,0592017/09/09 2024682  ET TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Adwind); [1
25,0582017/09/09 2024684  ET TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (ZeusPanda MITM); [1
25,0572017/09/09 2024670  ET EXPLOIT Apache Struts 2 REST Plugin ysoserial Usage (B64) 3; [1
25,0562017/09/09 2024675  ET EXPLOIT Apache Struts 2 REST Plugin (ProcessBuilder); [1
25,0552017/09/09 2024677  ET CURRENT_EVENTS CVE-2016-0189 Exploit HFS Actor;  
25,0542017/09/09 2024681  ET TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (URLzone); [1
25,0532017/09/09 2024674  ET EXPLOIT Apache Struts 2 REST Plugin (Runtime.Exec); [1
25,0522017/09/09 2024671  ET EXPLOIT Apache Struts 2 REST Plugin (B64) 4; [1
25,0512017/09/09 2024672  ET EXPLOIT Apache Struts 2 REST Plugin (B64) 5; [1
25,0502017/09/09 2024668  ET EXPLOIT Apache Struts 2 REST Plugin ysoserial Usage (B64) 1; [1
25,0492017/09/09 2024669  ET EXPLOIT Apache Struts 2 REST Plugin ysoserial Usage (B64) 2; [1
25,0482017/09/09 2024676  ET CURRENT_EVENTS CVE-2016-0189 Exploit;  
25,0472017/09/09 2024673  ET EXPLOIT Apache Struts 2 REST Plugin (B64) 6; [1
25,0462017/09/09 2024678  ET CURRENT_EVENTS Possible Locky VB/JS Loader Download Sep 08 2017;  
25,0452017/09/07 2024666  ET TROJAN ApolloLocker Ransomware CnC Checkin;  
25,0442017/09/07 2024663  ET EXPLOIT Apache Struts 2 REST Plugin XStream RCE (ProcessBuilder); [1
25,0432017/09/07 2024667  ET TROJAN ApolloLocker Ransomware CnC Checkin 2;  
25,0422017/09/07 2024664  ET EXPLOIT Apache Struts 2 REST Plugin XStream RCE (Runtime.Exec); [1
25,0412017/09/07 2024665  ET POLICY DNS Query to .onion proxy Domain (onion.top);  
25,0402017/09/06 2405079  ET CNC Shadowserver Reported CnC Server Port 51987 Group 1; [1,2
25,0392017/09/06 2405075  ET CNC Shadowserver Reported CnC Server Port 32164 Group 1; [1,2
25,0382017/09/06 2405077  ET CNC Shadowserver Reported CnC Server Port 33333 Group 1; [1,2
25,0372017/09/06 2405074  ET CNC Shadowserver Reported CnC Server Port 26745 Group 1; [1,2
25,0362017/09/06 2405080  ET CNC Shadowserver Reported CnC Server Port 54321 Group 1; [1,2
25,0352017/09/06 2405078  ET CNC Shadowserver Reported CnC Server Port 40669 Group 1; [1,2
25,0342017/09/06 2405076  ET CNC Shadowserver Reported CnC Server Port 32768 Group 1; [1,2
25,0332017/09/06 2405073  ET CNC Shadowserver Reported CnC Server Port 21333 Group 1; [1,2
25,0322017/09/06 2024660  ET CURRENT_EVENTS RIG EK Rip Sep 05 2017;  
25,0312017/09/06 2024659  ET TROJAN [PTsecurity] Tinba Checkin 4;  
25,0302017/09/06 2024662  ET POLICY DNS Query to .onion proxy Domain (onion.guide); [1
25,0292017/09/06 2024661  ET CURRENT_EVENTS RIG EK Rip Sep 05 2017 M2;  
25,0282017/09/06 2024658  ET TROJAN KHRAT DNS Lookup (upload-dropbox .com); [1
25,0272017/09/02 2024653  ET TROJAN CobianRAT Receiving Additional Commands From CnC; [1
25,0262017/09/02 2024656  ET CURRENT_EVENTS Dropbox Phishing Landing - Title over non SSL;  
25,0252017/09/02 2024652  ET TROJAN CobianRAT Receiving Commands From CnC; [1
25,0242017/09/02 2024654  ET TROJAN CobianRAT Receiving Config Commands from CnC; [1
25,0232017/09/02 2024657  ET CURRENT_EVENTS Successful Dropbox Phish (Locky) Sep 01 2017;  
25,0222017/09/02 2024655  ET TROJAN CobianRAT Screenshot Exfil to CnC; [1
25,0212017/09/02 2024651  ET TROJAN CobianRAT Checkin to CnC; [1
25,0202017/09/02 2024650  ET CURRENT_EVENTS HEX Payload DL with MSXMLHTP (Observed in Locky campaign);  
25,0192017/09/01 2024646  ET CURRENT_EVENTS Fake Adobe Flash Update Landing - Title over non SSL;  
25,0182017/09/01 2024649  ET CURRENT_EVENTS Fake Adobe Flash Update Landing - Title over non SSL;  
25,0172017/09/01 2024648  ET CURRENT_EVENTS Fake Adobe Flash Update Landing - Title over non SSL;  
25,0162017/09/01 2024645  ET CURRENT_EVENTS Fake Adobe Flash Update Landing - Title over non SSL;  
25,0152017/09/01 2024644  ET CURRENT_EVENTS Fake Adobe Flash Update Landing - Title over non SSL;  
25,0142017/09/01 2024638  ET CURRENT_EVENTS Possible Successful Generic Phish (set) Aug 31 2017;  
25,0132017/09/01 2024647  ET CURRENT_EVENTS Fake Adobe Flash Update Landing - Title over non SSL;  
25,0122017/09/01 2024643  ET CURRENT_EVENTS Fake Adobe Flash Update Landing - Title over non SSL;  
< 41  42  43  44  45  46  47  48  49  50 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.