Signature List

| No. | Date | ID | Signature (Total Ruleset: 27,111) |
|---|---|---|---|
| 26,961 | 2018/10/21 | 2026526 | ET POLICY Potentially Vulnerable LibSSH Server Observed - Possible Authentication Bypass (CVE-2018-10933) |
| 26,960 | 2018/10/20 | 2026519 | ET USER_AGENTS Suspicious User-Agent (Windows XP) |
| 26,959 | 2018/10/20 | 2026525 | ET TROJAN Win32/BlackCarat XORed (0x77) CnC Checkin |
| 26,958 | 2018/10/20 | 2026523 | ET TROJAN ELF/Chacha.DDoS/Xor.DDoS Stage 2 CnC Checkin |
| 26,957 | 2018/10/20 | 2026524 | ET TROJAN Win32/BlackCarat Response from CnC |
| 26,956 | 2018/10/20 | 2026518 | ET CURRENT_EVENTS Successful Generic Phish (set) 2018-10-18 |
| 26,955 | 2018/10/20 | 2026521 | ET USER_AGENTS Suspicious User-Agent (Windows 10) |
| 26,954 | 2018/10/20 | 2026522 | ET USER_AGENTS Suspicious User-Agent (Windows 7) |
| 26,953 | 2018/10/20 | 2026520 | ET USER_AGENTS Suspicious User-Agent (Windows 8) |
| 26,952 | 2018/10/19 | 2026515 | ET INFO Suspicious Redirect to Download EXE from Bitbucket |
| 26,951 | 2018/10/19 | 2026516 | ET CURRENT_EVENTS Possible Successful Phish - Generic Credential POST to Ngrok.io |
| 26,950 | 2018/10/19 | 2026517 | ET TROJAN Locky CnC Checkin |
| 26,949 | 2018/10/19 | 2026514 | ET TROJAN XLS.Unk DDE rar Drop Attempt (.live) |
| 26,948 | 2018/10/18 | 2026513 | ET TROJAN [PTsecurity] Remcos RAT Checkin 73 |
| 26,947 | 2018/10/18 | 2026511 | ET TROJAN [PTsecurity] Remcos RAT Checkin 71 |
| 26,946 | 2018/10/18 | 2026509 | ET TROJAN [PTsecurity] Remcos RAT Checkin 69 |
| 26,945 | 2018/10/18 | 2026512 | ET TROJAN [PTsecurity] Remcos RAT Checkin 72 |
| 26,944 | 2018/10/18 | 2026507 | ET TROJAN Win32/Remcos RAT Checkin 67 |
| 26,943 | 2018/10/18 | 2026510 | ET TROJAN [PTsecurity] Remcos RAT Checkin 70 |
| 26,942 | 2018/10/18 | 2026496 | ET TROJAN Win32/Remcos RAT Checkin 56 |
| 26,941 | 2018/10/18 | 2026495 | ET TROJAN Win32/Remcos RAT Checkin 55 |
| 26,940 | 2018/10/18 | 2026500 | ET TROJAN Win32/Remcos RAT Checkin 60 |
| 26,939 | 2018/10/18 | 2026505 | ET TROJAN Win32/Remcos RAT Checkin 65 |
| 26,938 | 2018/10/18 | 2026508 | ET TROJAN Win32/Remcos RAT Checkin 68 |
| 26,937 | 2018/10/18 | 2026506 | ET TROJAN Win32/Remcos RAT Checkin 66 |
| 26,936 | 2018/10/18 | 2026491 | ET TROJAN XLS.Unk DDE rar Drop Fake 404 Response |
| 26,935 | 2018/10/18 | 2026504 | ET TROJAN Win32/Remcos RAT Checkin 64 |
| 26,934 | 2018/10/18 | 2026497 | ET TROJAN Win32/Remcos RAT Checkin 57 |
| 26,933 | 2018/10/18 | 2026498 | ET TROJAN Win32/Remcos RAT Checkin 58 |
| 26,932 | 2018/10/18 | 2026501 | ET TROJAN Win32/Remcos RAT Checkin 61 |
| 26,931 | 2018/10/18 | 2026503 | ET TROJAN Win32/Remcos RAT Checkin 63 |
| 26,930 | 2018/10/18 | 2026502 | ET TROJAN Win32/Remcos RAT Checkin 62 |
| 26,929 | 2018/10/18 | 2026493 | ET CURRENT_EVENTS Successful Generic Phish (set) 2018-10-16 |
| 26,928 | 2018/10/18 | 2026499 | ET TROJAN Win32/Remcos RAT Checkin 59 |
| 26,927 | 2018/10/18 | 2026490 | ET TROJAN XLS.Unk DDE rar Drop Attempt (.club) |
| 26,926 | 2018/10/18 | 2026494 | ET TROJAN Win32/Remcos RAT Checkin 54 |
| 26,925 | 2018/10/18 | 2026492 | ET CURRENT_EVENTS Successful Generic Phish (set) 2018-10-16 |
| 26,924 | 2018/10/18 | 2026489 | ET TROJAN XLS.Unk DDE rar Drop Attempt (.online) |
| 26,923 | 2018/10/17 | 2026479 | ET MOBILE_MALWARE Android APT-C-23 (harvey-ross .info in TLS SNI) |
| 26,922 | 2018/10/17 | 2026477 | ET MOBILE_MALWARE Android APT-C-23 (chat-often .com in TLS SNI) |
| 26,921 | 2018/10/17 | 2026485 | ET MOBILE_MALWARE Android APT-C-23 (christopher .fun in TLS SNI) |
| 26,920 | 2018/10/17 | 2026488 | ET WEB_CLIENT Possible Microsoft Edge Remote Command Execution PoC (CVE-2018-8495) |
| 26,919 | 2018/10/17 | 2026482 | ET MOBILE_MALWARE Android APT-C-23 (pml-help .site in DNS Lookup) |
| 26,918 | 2018/10/17 | 2026486 | ET POLICY DNS Lookup for Possible Common Brand Phishing Hosted on Legitimate Windows Service |
| 26,917 | 2018/10/17 | 2026484 | ET MOBILE_MALWARE Android APT-C-23 (christopher .fun in DNS Lookup) |
| 26,916 | 2018/10/17 | 2026478 | ET MOBILE_MALWARE Android APT-C-23 (harvey-ross .info in DNS Lookup) |
| 26,915 | 2018/10/17 | 2026476 | ET MOBILE_MALWARE Android APT-C-23 (chat-often .com in DNS Lookup) |
| 26,914 | 2018/10/17 | 2026480 | ET MOBILE_MALWARE Android APT-C-23 (mail-goog1e .com in DNS Lookup) |
| 26,913 | 2018/10/17 | 2026483 | ET MOBILE_MALWARE Android APT-C-23 (pml-help .site in TLS SNI) |
| 26,912 | 2018/10/17 | 2026481 | ET MOBILE_MALWARE Android APT-C-23 (mail-goog1e .com in TLS SNI) |

GigaVPN & GigaIPS are based on MikroTik, Suricata and EmergingThreats.