시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
25,9612018/04/27 2025541  ET TROJAN MSIL/GX Stealer/GravityRAT Uploading File; [1
25,9602018/04/27 2025532  ET CURRENT_EVENTS Outlook Web App Phishing Landing 2018-04-26;  
25,9592018/04/25 2025531  ET MALWARE Observed Win32/Foniad Domain (suggedin .info in DNS Lookup);  
25,9582018/04/24 2405204  ET CNC Shadowserver Reported CnC Server Port 65267 Group 1; [1,2
25,9572018/04/24 2025530  ET TROJAN [PTsecurity] Trojan.JS.Agent.dwz Checkin 2;  
25,9562018/04/21 2025528  ET CURRENT_EVENTS Comcast/Xfinity Phishing Landing 2018-04-19;  
25,9552018/04/21 2025523  ET CURRENT_EVENTS Centurylink Phishing Landing 2018-04-19;  
25,9542018/04/21 2025521  ET EXPLOIT Cisco Smart Install Exploitation Tool - ChangeConfig; [1,2
25,9532018/04/21 2025527  ET CURRENT_EVENTS Generic Popupwnd Phishing Landing 2018-04-19;  
25,9522018/04/21 2025525  ET CURRENT_EVENTS Microsoft Account Phishing Landing M1 2018-04-19;  
25,9512018/04/21 2025520  ET EXPLOIT Cisco Smart Install Exploitation Tool - Update Ios and Execute; [1,2
25,9502018/04/21 2025522  ET EXPLOIT Cisco Smart Install Exploitation Tool - GetConfig; [1,2
25,9492018/04/21 2025526  ET CURRENT_EVENTS Microsoft Account Phishing Landing M2 2018-04-19;  
25,9482018/04/21 2025529  ET CURRENT_EVENTS LCL Banque Phishing Landing 2018-04-19;  
25,9472018/04/21 2025524  ET CURRENT_EVENTS MyADP Phishing Landing 2018-04-19;  
25,9462018/04/21 2025519  ET INFO Cisco Smart Install Protocol Observed; [1
25,9452018/04/20 2025515  ET CURRENT_EVENTS PDF Cloud Phishing Landing 2018-04-19;  
25,9442018/04/20 2025517  ET CURRENT_EVENTS Dropbox 000webhost Phishing Landing 2018-04-19;  
25,9432018/04/20 2025516  ET CURRENT_EVENTS Bank of America Phishing Landing 2018-04-19;  
25,9422018/04/20 2025518  ET POLICY Vulnerable Java Version 10.0.x Detected; [1,2
25,9412018/04/19 2025514  ET CURRENT_EVENTS Mail Verification Phishing Landing 2018-04-18;  
25,9402018/04/18 2405202  ET CNC Shadowserver Reported CnC Server Port 64500 Group 1; [1,2
25,9392018/04/18 2405203  ET CNC Shadowserver Reported CnC Server Port 65267 Group 1; [1,2
25,9382018/04/18 2025508  ET TROJAN ABUSE.CH Locky C2 Domain (dypmoywmjrevboat in DNS Lookup); [1
25,9372018/04/18 2025507  ET TROJAN ABUSE.CH Locky C2 Domain (dyoravdkiavfkbkx in DNS Lookup); [1
25,9362018/04/18 2025506  ET CURRENT_EVENTS Successful DenizBank Phish 2018-04-16;  
25,9352018/04/18 2025509  ET TROJAN ABUSE.CH Locky C2 Domain (jjjooyeohgghgtwn in DNS Lookup); [1
25,9342018/04/18 2025505  ET CURRENT_EVENTS Successful Facebook Phish 2018-04-16;  
25,9332018/04/18 2025513  ET CURRENT_EVENTS Successful Generic Phish (set) 2018-04-17;  
25,9322018/04/18 2025497  ET INFO Possible EXE Download From Suspicious TLD (.webcam) - set; [1
25,9312018/04/18 2025501  ET INFO Possible EXE Download From Suspicious TLD (.work) - set; [1
25,9302018/04/18 2025502  ET CURRENT_EVENTS Google Drive Phishing Landing 2018-04-14;  
25,9292018/04/18 2025510  ET TROJAN ABUSE.CH Locky C2 Domain (lvanwwbyabcfevyi in DNS Lookup); [1
25,9282018/04/18 2025504  ET CURRENT_EVENTS Successful Halkbank Phish M2 2018-04-16;  
25,9272018/04/18 2025498  ET INFO Possible EXE Download From Suspicious TLD (.yokohama) - set; [1
25,9262018/04/18 2025511  ET TROJAN ABUSE.CH Locky C2 Domain (uxwavkmttywsuynt in DNS Lookup); [1
25,9252018/04/18 2025500  ET INFO Possible EXE Download From Suspicious TLD (.gq) - set; [1
25,9242018/04/18 2025495  ET INFO Possible EXE Download From Suspicious TLD (.men) - set; [1
25,9232018/04/18 2025503  ET CURRENT_EVENTS Successful Halkbank Phish M1 2018-04-16;  
25,9222018/04/18 2025499  ET INFO Possible EXE Download From Suspicious TLD (.tokyo) - set; [1
25,9212018/04/18 2025512  ET TROJAN ABUSE.CH Locky C2 Domain (yaynawvtuqcarjwc in DNS Lookup); [1
25,9202018/04/18 2025496  ET TROJAN Observed GandCrab Payment Domain (gandcrab2pie73et in DNS Lookup);  
25,9192018/04/14 2025487  ET MALWARE Observed Win32/Foniad Domain (maraukog .info in TLS SNI); [1
25,9182018/04/14 2025493  ET MALWARE Observed Win32/Foniad Domain (suggedin .info in TLS SNI); [1
25,9172018/04/14 2025489  ET MALWARE Observed Win32/Foniad Domain (aclassigned .info in TLS SNI); [1
25,9162018/04/14 2025492  ET MALWARE Observed Win32/Foniad Domain (insupposity .info in TLS SNI); [1
25,9152018/04/14 2025488  ET MALWARE Observed Win32/Foniad Domain (acinster .info in TLS SNI); [1
25,9142018/04/14 2025494  ET WEB_SPECIFIC_APPS [PT OPEN] Drupalgeddon2 <8.3.9 <8.4.6 <8.5.1 RCE Through Registration Form (CVE-2018-7600); [1
25,9132018/04/14 2025490  ET MALWARE Observed Win32/Foniad Domain (efishedo .info in TLS SNI); [1
25,9122018/04/14 2025491  ET MALWARE Observed Win32/Foniad Domain (enclosely .info in TLS SNI); [1
< 21  22  23  24  25  26  27  28  29  30 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.