시그니처 리스트, Signature List
Created with Highcharts 4.2.5'키워드' 시그리처2025/06/02Ransomware : 515 (3.2%) Backdoor : 436 (2.7%) Webshell : 94 (0.6%) Sipvicious : 6 (0.0%) DDoS : 166 (1.0%) Trojan : 6,289 (39.2%) Malware : 1,425 (8.9%) BruteForce : 48 (0.3%) Sql Injection : 4,316 (26.9%) Spyware : 533 (3.3%) Tor : 839 (5.2%) Scan : 392 (2.4%) ADware : 140 (0.9%) Mobile : 243 (1.5%) CnC Server : 594 (3.7%)
번호날짜ID시그니처 (Total Ruleset: 27,111개)
25,2112017/10/04 2405125  ET CNC Shadowserver Reported CnC Server Port 65267 Group 1; [1,2
25,2102017/10/04 2405122  ET CNC Shadowserver Reported CnC Server Port 47221 Group 1; [1,2
25,2092017/10/04 2405120  ET CNC Shadowserver Reported CnC Server Port 33333 Group 1; [1,2
25,2082017/10/04 2405117  ET CNC Shadowserver Reported CnC Server Port 31902 Group 1; [1,2
25,2072017/10/04 2405118  ET CNC Shadowserver Reported CnC Server Port 32164 Group 1; [1,2
25,2062017/10/03 2024792  ET POLICY Cryptocurrency Miner Checkin;  
25,2052017/10/03 2024791  ET TROJAN [PTsecurity] Black Stealer Exfil FTP STOR;  
25,2042017/10/03 2024786  ET POLICY Request for Coinhive Browser Monero Miner M2;  
25,2032017/10/03 2024787  ET POLICY Request for Jsecoin Browser Miner M1;  
25,2022017/10/03 2024790  ET TROJAN [PTsecurity] Black Stealer Exfil System Info;  
25,2012017/10/03 2024785  ET POLICY Request for Coinhive Browser Monero Miner M1;  
25,2002017/10/03 2024789  ET POLICY DNS request for Monero mining pool; [1,2
25,1992017/10/03 2024788  ET POLICY Request for Jsecoin Browser Miner M2;  
25,1982017/10/01 2405114  ET CNC Shadowserver Reported CnC Server Port 51987 Group 1; [1,2
25,1972017/10/01 2405112  ET CNC Shadowserver Reported CnC Server Port 40669 Group 1; [1,2
25,1962017/10/01 2405110  ET CNC Shadowserver Reported CnC Server Port 32768 Group 1; [1,2
25,1952017/10/01 2405115  ET CNC Shadowserver Reported CnC Server Port 54321 Group 1; [1,2
25,1942017/10/01 2405111  ET CNC Shadowserver Reported CnC Server Port 33333 Group 1; [1,2
25,1932017/10/01 2405116  ET CNC Shadowserver Reported CnC Server Port 65267 Group 1; [1,2
25,1922017/10/01 2405113  ET CNC Shadowserver Reported CnC Server Port 47221 Group 1; [1,2
25,1912017/10/01 2024783  ET CURRENT_EVENTS Successful Banco do Brasil Phish M2 Sep 29 2017;  
25,1902017/10/01 2024784  ET CURRENT_EVENTS Successful Banco do Brasil Phish M3 Sep 29 2017;  
25,1892017/10/01 2024782  ET CURRENT_EVENTS Successful Banco do Brasil Phish M1 Sep 29 2017;  
25,1882017/10/01 2024781  ET TROJAN Win32/Formgrabber Data Exfil; [1
25,1872017/09/29 2024774  ET TROJAN [PTsecurity] Malicious SSL connection (Upatre Downloader CnC) 1;  
25,1862017/09/29 2024779  ET TROJAN DNS Query For Browser Cryptocurrency Mining Domain; [1
25,1852017/09/29 2024778  ET TROJAN [PTsecurity] Malicious SSL connection (Upatre Downloader CnC) 5;  
25,1842017/09/29 2024777  ET TROJAN [PTsecurity] Malicious SSL connection (Upatre Downloader CnC) 4;  
25,1832017/09/29 2024769  ET WEB_CLIENT Suspicious Possible Zip DL containing single VBS script;  
25,1822017/09/29 2024773  ET TROJAN [PTsecurity] Malicious SSL connection (Upatre Downloader CnC) 0;  
25,1812017/09/29 2024776  ET TROJAN [PTsecurity] Malicious SSL connection (Upatre Downloader CnC) 3;  
25,1802017/09/29 2024770  ET CURRENT_EVENTS Possible Raiffeisen Bank Phishing Landing - Title over non SSL;  
25,1792017/09/29 2024780  ET TROJAN [PTsecurity] TR/Spy.Banker.agdtw Checkin;  
25,1782017/09/29 2024771  ET TROJAN [PTsecurity] Possible Cobalt Strike payload;  
25,1772017/09/29 2024772  ET TROJAN [PTsecurity] Malicious SSL connection (Upatre Downloader CnC) cert;  
25,1762017/09/29 2024775  ET TROJAN [PTsecurity] Malicious SSL connection (Upatre Downloader CnC) 2;  
25,1752017/09/28 2024767  ET CURRENT_EVENTS Possible Locky Payload DL Sept 26 2017 M1;  
25,1742017/09/28 2024768  ET CURRENT_EVENTS Possible Locky Payload DL Sept 26 2017 M2;  
25,1732017/09/27 2405103  ET CNC Shadowserver Reported CnC Server Port 32768 Group 1; [1,2
25,1722017/09/27 2405104  ET CNC Shadowserver Reported CnC Server Port 33333 Group 1; [1,2
25,1712017/09/27 2405102  ET CNC Shadowserver Reported CnC Server Port 32164 Group 1; [1,2
25,1702017/09/27 2405109  ET CNC Shadowserver Reported CnC Server Port 65267 Group 1; [1,2
25,1692017/09/27 2405108  ET CNC Shadowserver Reported CnC Server Port 54321 Group 1; [1,2
25,1682017/09/27 2405106  ET CNC Shadowserver Reported CnC Server Port 47221 Group 1; [1,2
25,1672017/09/27 2405105  ET CNC Shadowserver Reported CnC Server Port 40669 Group 1; [1,2
25,1662017/09/27 2405107  ET CNC Shadowserver Reported CnC Server Port 51987 Group 1; [1,2
25,1652017/09/27 2024765  ET MOBILE_MALWARE Trojan-Banker.AndroidOS.RedAlert CnC Beacon; [1
25,1642017/09/27 2024766  ET DELETED [PTsecurity] DoublePulsar Backdoor installation communication; [1
25,1632017/09/27 2024764  ET INFO Suspicious Darkwave Popads Pop Under Redirect;  
25,1622017/09/27 2024763  ET INFO Adilbo HTML Encoder Observed;  
< 31  32  33  34  35  36  37  38  39  40 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.