시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
5,6612015/01/20 2007638  ET POLICY Netflix On-demand User-Agent; [1
5,6602015/01/20 2007637  ET DELETED Storm Worm Encrypted Traffic Outbound - Likely Connect Ack; [1
5,6592015/01/20 2007636  ET DELETED Storm Worm Encrypted Traffic Inbound - Likely Search by md5; [1
5,6582015/01/20 2007635  ET DELETED Storm Worm Encrypted Traffic Inbound - Likely Connect Ack; [1
5,6572015/01/20 2007634  ET DELETED Storm Worm Encrypted Traffic Outbound - Likely Search by md5; [1
5,6562015/01/20 2007633  ET TROJAN Suspicious User-Agent - Matcash related Trojan Downloader (Ismazo Advanced Loader); [1
5,6552015/01/20 2007631  ET POLICY Hyves Message Submit; [1
5,6542015/01/20 2007630  ET POLICY Hyves Compose Message; [1
5,6532015/01/20 2007629  ET POLICY Hyves Message Access; [1
5,6522015/01/20 2007628  ET POLICY Hyves Inbox Access; [1
5,6512015/01/20 2007627  ET POLICY Hyves Login Attempt; [1
5,6502015/01/20 2007626  ET DELETED Pitbull IRCbotnet Fetch; [1,2
5,6492015/01/20 2007625  ET DELETED Pitbull IRCbotnet Commands; [1,2
5,6482015/01/20 2007624  ET DELETED Pitbull IRCbotnet Response; [1,2
5,6472015/01/20 2007623  ET DELETED Kaiten IRCbotnet Commands; [1,2
5,6462015/01/20 2007622  ET DELETED Kaiten IRCbotnet Response; [1,2
5,6452015/01/20 2007621  ET DELETED Kaiten IRCbotnet login; [1,2
5,6442015/01/20 2007620  ET TROJAN Zlob Updating via HTTP (v2); [1
5,6432015/01/20 2007618  ET TROJAN Storm Worm ICMP DDOS Traffic; [1
5,6422015/01/20 2007617  ET MALWARE VirusProtectPro Spyware User-Agent (VirusProtectPro); [1
5,6412015/01/20 2007616  ET USER_AGENTS klm123.com Spyware User Agent; [1
5,6402015/01/20 2007615  ET DELETED Unidentified Spyware User Agent (0 0 128 chars); [1
5,6392015/01/20 2007614  ET TROJAN Possible Infection Report Mail - Indy Mail lib and MAC Message Body - Priority 3; [1
5,6382015/01/20 2007613  ET TROJAN Possible Infection Report Mail - Indy Mail lib and MAC Message Body - Priority 1; [1
5,6372015/01/20 2007612  ET TROJAN Possible Infection Report Mail - Indy Mail lib and No Message Body - Priority 3; [1
5,6362015/01/20 2007611  ET TROJAN Possible Infection Report Mail - Indy Mail lib and No Message Body - Priority 1; [1
5,6352015/01/20 2007610  ET TROJAN Win32.Small.qh/xSock Checkin URL Detected; [1
5,6342015/01/20 2007609  ET TROJAN Win32.Small.qh/xSock User-Agent Detected; [1
5,6332015/01/20 2007608  ET TROJAN Win32.Agent.bea C&C connection; [1
5,6322015/01/20 2007607  ET DELETED Zango Spyware Post; [1,2
5,6312015/01/20 2007606  ET DELETED Singworm MSN message Inbound; [1
5,6302015/01/20 2007605  ET DELETED Singworm MSN message Outbound; [1
5,6292015/01/20 2007604  ET TROJAN Proxy.Win32.Wopla.ag Server Reply; [1
5,6282015/01/20 2007603  ET DELETED Proxy.Win32.Wopla.ag Check-In; [1
5,6272015/01/20 2007602  ET MALWARE Advertisementserver.com Spyware Checkin; [1
5,6262015/01/20 2007601  ET MALWARE Advertisementserver.com Spyware Initial Checkin; [1
5,6252015/01/20 2007600  ET MALWARE TryMedia Spyware User-Agent (TryMedia_DM_2.0.0); [1
5,6242015/01/20 2007599  ET MALWARE NewWeb/Sudui.com Spyware User-Agent (aaaabbb); [1
5,6232015/01/20 2007598  ET MALWARE NewWeb/Sudui.com Spyware User-Agent (updatesodui); [1
5,6222015/01/20 2007597  ET MALWARE NewWeb/Sudui.com Spyware User-Agent (B Register); [1
5,6212015/01/20 2007595  ET TROJAN Downloader.Dluca HTTP Checkin; [1
5,6202015/01/20 2007594  ET TROJAN Banker.Delf User-Agent (Mz); [1,2
5,6192015/01/20 2007593  ET MALWARE SpyShredder Fake Anti-Spyware Install Download; [1
5,6182015/01/20 2007592  ET TROJAN Hupigon URL Infection Checkin Detected; [1
5,6172015/01/20 2007587  ET TROJAN General Downloader or Virut C&C Ack; [1
5,6162015/01/20 2007585  ET TROJAN Win32.SkSocket C&C Connection; [1
5,6152015/01/20 2007584  ET EXPLOIT TrendMicro ServerProtect Exploit possible worma(little-endian DCERPC Request); [1,2
5,6142015/01/20 2007583  ET TROJAN iebar Spyware User Agent (iebar); [1
5,6132015/01/20 2007582  ET MALWARE Vikiller.com Fake Antispyware User-Agent (vikiller ctrl...); [1
5,6122015/01/20 2007581  ET DELETED Trojan.Win32.Qhost C&C Traffic Inbound (case2); [1,2
< 421  422  423  424  425  426  427  428  429  430 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.