시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
25,9112018/04/13 2025486  ET TROJAN Iron/Maktub Locker Ransomware CnC Checkin; [1
25,9102018/04/12 2025484  ET TROJAN Pontoeb CnC; [1
25,9092018/04/12 2025485  ET TROJAN Observed Malicious SSL Cert (CoreBot C2);  
25,9082018/04/11 2025483  ET TROJAN Loki Bot Fake 404 Response;  
25,9072018/04/11 2025476  ET CURRENT_EVENTS Docusign Phishing Landing 2018-04-09;  
25,9062018/04/11 2025482  ET CURRENT_EVENTS Post.ch Cloned Phishing Landing 2018-04-09;  
25,9052018/04/11 2025481  ET CURRENT_EVENTS Apple Phishing Landing 2018-04-09;  
25,9042018/04/11 2025478  ET CURRENT_EVENTS Paypal Phishing Landing 2018-04-09;  
25,9032018/04/11 2025479  ET CURRENT_EVENTS Facebook Phishing Landing 2018-04-09;  
25,9022018/04/11 2025477  ET CURRENT_EVENTS s0m3 Phishing Landing 2018-04-09;  
25,9012018/04/11 2025473  ET CURRENT_EVENTS Wells Fargo Phishing Landing 2018-04-09;  
25,9002018/04/11 2025474  ET CURRENT_EVENTS DHL Phishing Landing 2018-04-09;  
25,8992018/04/11 2025480  ET CURRENT_EVENTS OneDrive Phishing Landing 2018-04-09;  
25,8982018/04/11 2025475  ET CURRENT_EVENTS Chase Phishing Landing 2018-04-09;  
25,8972018/04/07 2025471  ET TROJAN Win32/DanijBot CnC Task Status;  
25,8962018/04/07 2025472  ET EXPLOIT Possible CVE-2018-0171 Exploit (PoC based); [1
25,8952018/04/07 2025470  ET TROJAN Win32/DanijBot CnC Checkin;  
25,8942018/04/07 2025469  ET TROJAN Win32/DanijBot User-Agent;  
25,8932018/04/06 2025468  ET TROJAN OSX/OceanLotus.D CnC DNS Lookup (widget .shoreoa .com); [1
25,8922018/04/06 2025464  ET TROJAN OSX/OceanLotus.D Sending Data to CnC; [1
25,8912018/04/06 2025466  ET TROJAN OSX/OceanLotus.D CnC DNS Lookup (ssl .arkouthrie .com); [1
25,8902018/04/06 2025467  ET TROJAN OSX/OceanLotus.D CnC DNS Lookup (s3 .hiahornber .com); [1
25,8892018/04/06 2025465  ET TROJAN OSX/OceanLotus.D Requesting Commands from CnC; [1
25,8882018/04/06 2025463  ET TROJAN Win32/InnaputRAT CnC DNS Lookup (ajdhsfhiudsfhsi .top); [1
25,8872018/04/06 2025462  ET TROJAN Win32/InnaputRAT CnC DNS Lookup (ninjagames .top); [1
25,8862018/04/04 2025458  ET TROJAN [PTsecurity] Win32/SocStealer.Socelars C2 Response;  
25,8852018/04/04 2025461  ET SCAN NYU Internet Census UA Inbound; [1
25,8842018/04/04 2025460  ET INFO NYU Internet HTTP/SSL Census Scan; [1
25,8832018/04/04 2025457  ET TROJAN [PTsecurity] W32/Rodecap.StealRat C2 Payload (GIF);  
25,8822018/04/04 2025459  ET WEB_SPECIFIC_APPS Possible CVE-2013-2618 Attempt (PHP Weathermap Persistent XSS); [1
25,8812018/04/04 2025456  ET USER_AGENTS Suspicious User-Agent (=Mozilla);  
25,8802018/04/04 2025455  ET TROJAN Win32/GandCrab Ransomware CnC Activity M2;  
25,8792018/04/03 2405201  ET CNC Shadowserver Reported CnC Server Port 65267 Group 1; [1,2
25,8782018/04/03 2405200  ET CNC Shadowserver Reported CnC Server Port 64500 Group 1; [1,2
25,8772018/04/03 2025452  ET TROJAN Observed GandCrab Ransomware Domain (ransomware .bit in DNS Lookup);  
25,8762018/04/03 2025454  ET TROJAN Observed GandCrab Ransomware Domain (chlenaverasiskihe .sex in DNS Lookup);  
25,8752018/04/03 2025453  ET TROJAN Observed GandCrab Ransomware Domain (zonealarm .bit in DNS Lookup);  
25,8742018/03/31 2025449  ET POLICY DNS Query to .onion proxy Domain (onion. pw); [1
25,8732018/03/31 2025451  ET POLICY Monero Mining Pool Lookup;  
25,8722018/03/31 2025450  ET CURRENT_EVENTS Comcast/Xfinity Phishing Landing 2018-03-30;  
25,8712018/03/30 2025446  ET POLICY DNS Query to .onion proxy Domain (onion.sx); [1
25,8702018/03/30 2025448  ET CURRENT_EVENTS Impots Phishing Landing 2018-03-28;  
25,8692018/03/30 2025444  ET TROJAN [PTsecurity] Ursnif Socks Proxy Check-in;  
25,8682018/03/30 2025447  ET CURRENT_EVENTS Chase Phishing Landing 2018-03-28;  
25,8672018/03/30 2025445  ET TROJAN [PTsecurity] Ursnif Socks5 Proxy Connection;  
25,8662018/03/30 2025443  ET CURRENT_EVENTS IRS Phishing Landing 2018-03-28;  
25,8652018/03/28 2025442  ET CURRENT_EVENTS Adobe PDF Reader Phishing Landing 2018-03-27;  
25,8642018/03/28 2025441  ET TROJAN Sharik/Smoke CnC Beacon 10;  
25,8632018/03/28 2025440  ET TROJAN Possible Sharik/Smoke Loader Microsoft Connectivity check M3;  
25,8622018/03/28 2025439  ET TROJAN Possible Sharik/Smoke Loader Microsoft Connectivity check M2;  
< 21  22  23  24  25  26  27  28  29  30 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.