시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
20,7612015/03/29 2020767  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 66; [1
20,7602015/03/29 2020766  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 65; [1
20,7592015/03/29 2020764  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 63; [1
20,7582015/03/29 2020763  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 62; [1
20,7572015/03/28 2020762  ET TROJAN Vawtrak/NeverQuest .onion Proxy Domain (llgerw4plyyff446); [1
20,7562015/03/28 2020761  ET TROJAN Vawtrak/NeverQuest .onion Proxy Domain (bc3ywvif4m3lnw4o); [1
20,7552015/03/28 2020760  ET TROJAN Vawtrak/NeverQuest .onion Proxy Domain (4bpthx5z4e7n6gnb); [1
20,7542015/03/28 2020758  ET CURRENT_EVENTS VBA Office Document Dridex Binary Download User-Agent;  
20,7532015/03/28 2020759  ET TROJAN Vawtrak/NeverQuest .onion Proxy Domain (otsaa35gxbcwvrqs); [1
20,7522015/03/28 2020757  ET MALWARE Windows executable sent when remote host claims to send an image 2;  
20,7512015/03/27 2020756  ET WEB_CLIENT Firefox Proxy Prototype RCE Attempt (CVE-2014-8636); [1
20,7502015/03/27 2020753  ET EXPLOIT Metasploit Plugin-Detect Posting Data 6; [1
20,7492015/03/27 2020754  ET EXPLOIT Metasploit Plugin-Detect Posting Data 7; [1
20,7482015/03/27 2020752  ET EXPLOIT Metasploit Plugin-Detect Posting Data 5; [1
20,7472015/03/27 2020751  ET EXPLOIT Metasploit Plugin-Detect Posting Data 4; [1
20,7462015/03/27 2020755  ET EXPLOIT Metasploit Browser Exploit Server Plugin Detect 2;  
20,7452015/03/27 2020746  ET TROJAN Win32.Chroject.B Retrieving encoded payload;  
20,7442015/03/27 2020749  ET TROJAN Win32.Chroject.B Receiving ClickFraud Commands from CnC 2;  
20,7432015/03/27 2020747  ET TROJAN Win32.Chroject.B Requesting ClickFraud Commands from CnC;  
20,7422015/03/27 2020748  ET TROJAN Win32.Chroject.B Receiving ClickFraud Commands from CnC 1;  
20,7412015/03/27 2020750  ET TROJAN Win32.Chroject.B ClickFraud Request;  
20,7402015/03/27 2020745  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS CnC); [1
20,7392015/03/26 2020742  ET TROJAN Win32.Hyteod.acox Domain Generation Algorithm (DGA) Lookup NXDOMAIN Response;  
20,7382015/03/26 2020744  ET CURRENT_EVENTS HanJuan EK Landing March 24 2015 M2;  
20,7372015/03/26 2020743  ET CURRENT_EVENTS HanJuan EK Landing March 24 2015 M1;  
20,7362015/03/26 2020741  ET TROJAN Win32.Hyteod.acox Domain Generation Algorithm (DGA) Lookup NXDOMAIN Response;  
20,7352015/03/26 2020740  ET TROJAN CryptoLocker .onion Proxy Domain (iezqmd4s2fflmh7n);  
20,7342015/03/26 2020738  ET TROJAN Win32/TrojanProxy.JpiProx.B CnC Beacon 2;  
20,7332015/03/26 2020739  ET TROJAN Unknown Trojan DNS Query to .onion proxy Domain (l7gbml27czk3kvr5);  
20,7322015/03/26 2020736  ET CURRENT_EVENTS Unauthorized SSL Cert for Google Domains; [1
20,7312015/03/26 2020737  ET TROJAN Win32/TrojanProxy.JpiProx.B CnC Beacon 1;  
20,7302015/03/26 2020734  ET TROJAN Fileless infection dropped by EK CnC Beacon;  
20,7292015/03/26 2020735  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Ransomware CnC); [1
20,7282015/03/25 2020733  ET WEB_SPECIFIC_APPS Possible Netscaler SQLi bypass (cookie); [1
20,7272015/03/25 2020732  ET WEB_SPECIFIC_APPS Possible Netscaler SQLi bypass (POST data); [1
20,7262015/03/25 2020730  ET CURRENT_EVENTS Angler EK XTEA encrypted binary (22);  
20,7252015/03/25 2020731  ET WEB_SPECIFIC_APPS Possible Netscaler SQLi bypass (URI data); [1
20,7242015/03/25 2020727  ET TROJAN Zbot .onion Proxy Domain (3bjpwsf3fjcwtnwx);  
20,7232015/03/25 2020728  ET TROJAN Possible Adwind SSL Cert (assylias.Inc);  
20,7222015/03/25 2020729  ET MOBILE_MALWARE Android.Trojan.SMSSend.Y;  
20,7212015/03/25 2020726  ET CURRENT_EVENTS RIG EK Landing March 20 2015 M2;  
20,7202015/03/22 2020724  ET TROJAN KeyLogger related to FindPOS CnC Beacon; [1,2
20,7192015/03/22 2020725  ET CURRENT_EVENTS RIG EK Landing March 20 2015;  
20,7182015/03/22 2020723  ET TROJAN FindPOS Checkin;  
20,7172015/03/22 2020722  ET CURRENT_EVENTS RIG Landing URI Struct March 20 2015;  
20,7162015/03/22 2020719  ET CURRENT_EVENTS Possible HanJuan Landing March 20 2015;  
20,7152015/03/22 2020717  ET TROJAN Win32/Teslacrypt Ransomware HTTP CnC Beacon M1;  
20,7142015/03/22 2020718  ET TROJAN Win32/Teslacrypt Ransomware HTTP CnC Beacon M2;  
20,7132015/03/22 2020720  ET CURRENT_EVENTS RIG Payload URI Struct March 20 2015;  
20,7122015/03/22 2020721  ET CURRENT_EVENTS RIG Exploit URI Struct March 20 2015;  
< 121  122  123  124  125  126  127  128  129  130 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.