시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
21,2112015/06/10 2021216  ET INFO Executable Downloaded from Google Cloud Storage;  
21,2102015/06/10 2021210  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Geodo MITM); [1
21,2092015/06/10 2021212  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Geodo MITM); [1
21,2082015/06/10 2021208  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Geodo MITM); [1
21,2072015/06/10 2021211  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Geodo MITM); [1
21,2062015/06/10 2021209  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Geodo MITM); [1
21,2052015/06/10 2021214  ET TROJAN Win32/Zacom.A CnC Beacon 2;  
21,2042015/06/10 2021213  ET TROJAN Win32/Zacom.A CnC Beacon 1;  
21,2032015/06/10 2021201  ET TROJAN Sakula/Mivast RAT CnC Beacon 3;  
21,2022015/06/10 2021206  ET CURRENT_EVENTS Fake AV Phone Scam Landing June 8 2015 M1;  
21,2012015/06/10 2021207  ET CURRENT_EVENTS Fake AV Phone Scam Landing June 8 2015 M2;  
21,2002015/06/10 2021199  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Geodo MITM); [1
21,1992015/06/10 2021198  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Geodo MITM); [1
21,1982015/06/10 2021204  ET TROJAN DNS Query to TOX Ransomware onion (toxicola7qwv37qj); [1
21,1972015/06/10 2021203  ET TROJAN Sakula/Mivast RAT CnC Beacon 5;  
21,1962015/06/10 2021197  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Geodo MITM); [1
21,1952015/06/10 2021200  ET TROJAN Sakula/Mivast RAT CnC Beacon 2;  
21,1942015/06/10 2021205  ET POLICY Xpopup Instant Messenger Downloading Configuration;  
21,1932015/06/09 2021195  ET POLICY Possible External IP Lookup whoer.net;  
21,1922015/06/09 2021194  ET TROJAN Qadars WebInject SSL Cert;  
21,1912015/06/09 2021192  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Geodo MITM); [1
21,1902015/06/09 2021196  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Spy.Shiz CnC); [1
21,1892015/06/09 2021193  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gootkit CnC); [1
21,1882015/06/07 2021191  ET POLICY DNS Query to .onion proxy Domain (statepaytor.com);  
21,1872015/06/07 2021188  ET TROJAN KeyBase Keylogger Checkin; [1
21,1862015/06/07 2021189  ET TROJAN Databack CnC;  
21,1852015/06/07 2021190  ET POLICY DNS Query to .onion proxy Domain (clusterpaytor.com);  
21,1842015/06/06 2021186  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dridex CnC); [1
21,1832015/06/06 2021187  ET TROJAN IOS.Oneclickfraud HTTP Host; [1
21,1822015/06/06 2021185  ET MOBILE_MALWARE Trojan-Banker.AndroidOS.Wroba.m Checkin; [1
21,1812015/06/06 2021179  ET TROJAN Possible BlackEnergy Accessing SMB/SMB2 Named Pipe (ASCII); [1
21,1802015/06/06 2021181  ET CURRENT_EVENTS Fake AV Phone Scam Landing June 4 2015 M1;  
21,1792015/06/06 2021183  ET CURRENT_EVENTS Fake AV Phone Scam Landing June 4 2015 M3;  
21,1782015/06/06 2021182  ET CURRENT_EVENTS Fake AV Phone Scam Landing June 4 2015 M2;  
21,1772015/06/06 2021184  ET TROJAN APT Backspace CnC Beacon;  
21,1762015/06/06 2021180  ET TROJAN Possible BlackEnergy Accessing SMB/SMB2 Named Pipe (Unicode); [1
21,1752015/06/04 2021178  ET ATTACK_RESPONSE Metasploit Meterpreter Reverse HTTPS certificate; [1
21,1742015/06/04 2021177  ET CURRENT_EVENTS Fake AV Phone Scam Landing June 2 2015;  
21,1732015/06/04 2021176  ET TROJAN Bladabindi/njRAT CnC Command (ll);  
21,1722015/06/03 2021174  ET MOBILE_MALWARE Android Unknown Ransomware Checkin; [1
21,1712015/06/03 2021175  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Downloader CnC); [1
21,1702015/05/30 2404049  ET CNC Shadowserver Reported CnC Server IP group 50; [1,2
21,1692015/05/30 2021169  ET CURRENT_EVENTS suspicious VBE-encoded script (seen in Sundown EK);  
21,1682015/05/30 2021170  ET DOS Possible Sentinal LM Application attack in progress Outbound (Response);  
21,1672015/05/30 2021172  ET DOS Possible Sentinal LM Amplification attack (Request) Inbound;  
21,1662015/05/30 2021173  ET MALWARE PUP Win32/Conduit.SearchProtect.O CnC Beacon;  
21,1652015/05/30 2021168  ET TROJAN PunkeyPOS HTTP CnC Beacon 9; [1
21,1642015/05/30 2021163  ET TROJAN DNS Query to TOX Ransomware onion (wdthvb6jut2rupu4); [1
21,1632015/05/30 2021165  ET TROJAN DNS Query to TOX Ransomware onion (7fa6gldxg64t5wnt); [1
21,1622015/05/30 2021161  ET POLICY External IP Lookup - whoer.net;  
< 111  112  113  114  115  116  117  118  119  120 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.