시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
13,2612015/01/20 2016114  ET WEB_SPECIFIC_APPS gpEasy CMS section parameter XSS Attempt; [1
13,2602015/01/20 2016113  ET CURRENT_EVENTS Redkit encrypted binary (1);  
13,2592015/01/20 2016112  ET DELETED Sweet Orange Java obfuscated binary (1);  
13,2582015/01/20 2016111  ET CURRENT_EVENTS Sweet Orange Java payload request (1);  
13,2572015/01/20 2016110  ET TROJAN FakeAV Download antivirus-installer.exe;  
13,2562015/01/20 2016109  ET WEB_SPECIFIC_APPS WordPress WP-Property Plugin uploadify.php Arbitrary File Upload Vulnerability; [1,2
13,2552015/01/20 2016108  ET CURRENT_EVENTS Topic EK Requesting PDF;  
13,2542015/01/20 2016107  ET CURRENT_EVENTS Topic EK Requesting Jar;  
13,2532015/01/20 2016106  ET CURRENT_EVENTS Unknown EK Landing Page;  
13,2522015/01/20 2016105  ET DELETED DNS Reply Sinkhole - zeus.redheberg.com - 95.130.14.32;  
13,2512015/01/20 2016104  ET TROJAN DNS Reply for unallocated address space - Potentially Malicious 1.1.1.0/24;  
13,2502015/01/20 2016103  ET TROJAN DNS Reply Sinkhole - Microsoft - 207.46.90.0/24;  
13,2492015/01/20 2016102  ET TROJAN DNS Reply Sinkhole - Microsoft - 199.2.137.0/24;  
13,2482015/01/20 2016101  ET TROJAN DNS Reply Sinkhole - Microsoft - 131.253.18.0/24;  
13,2472015/01/20 2016100  ET WEB_SPECIFIC_APPS Request to Wordpress W3TC Plug-in dbcache Directory; [1
13,2462015/01/20 2016099  ET CURRENT_EVENTS Drupal Mass Injection Campaign Outbound;  
13,2452015/01/20 2016098  ET CURRENT_EVENTS Drupal Mass Injection Campaign Inbound;  
13,2442015/01/20 2016097  ET TROJAN Unknown - Loader - Check .exe Updated;  
13,2432015/01/20 2016096  ET DELETED W32/Stabuniq CnC POST; [1,2
13,2422015/01/20 2016095  ET TROJAN W32/Dexter Infostealer CnC POST; [1
13,2412015/01/20 2016094  ET MOBILE_MALWARE Android/Updtkiller Sending Device Information; [1
13,2402015/01/20 2016093  ET CURRENT_EVENTS pamdql/Sweet Orange delivering exploit kit payload;  
13,2392015/01/20 2016092  ET DELETED pamdql/Sweet Orange delivering hostile XOR trojan payload from robots.php;  
13,2382015/01/20 2016091  ET CURRENT_EVENTS Hostile Gate landing seen with pamdql/Sweet Orange base64;  
13,2372015/01/20 2016090  ET CURRENT_EVENTS Hostile Gate landing seen with pamdql/Sweet Orange /in.php?q=;  
13,2362015/01/20 2016089  ET TROJAN FakeAV checkin;  
13,2352015/01/20 2016088  ET TROJAN SmokeLoader - Init 0x;  
13,2342015/01/20 2016087  ET TROJAN TROJAN Unk_Banker - Check In;  
13,2332015/01/20 2016086  ET WEB_SPECIFIC_APPS SonicWALL SonicOS searchStr XML Tag Script Insertion Attempt; [1,2
13,2322015/01/20 2016085  ET ACTIVEX Possible Cyme ChartFX client server ActiveX Control ShowPropertiesDialog arbitrary code execution; [1
13,2312015/01/20 2016084  ET ACTIVEX Possible HP ALM XGO.ocx ActiveX Control SetShapeNodeType method Remote Code Execution; [1
13,2302015/01/20 2016083  ET WEB_SPECIFIC_APPS Wordpress Token Manager Plugin tokenmanagertypeedit page XSS Attempt; [1
13,2292015/01/20 2016082  ET WEB_SPECIFIC_APPS Wordpress Token Manager Plugin tokenmanageredit page XSS Attempt; [1
13,2282015/01/20 2016081  ET WEB_SPECIFIC_APPS Zenphoto date parameter Cross Site Scripting Attempt; [1
13,2272015/01/20 2016080  ET WEB_SPECIFIC_APPS WordPress Cloudsafe365 file parameter Local File Inclusion Attempt; [1
13,2262015/01/20 2016079  ET WEB_SPECIFIC_APPS simple machines forum include parameter Local File Inclusion Attempt; [1
13,2252015/01/20 2016078  ET WEB_SPECIFIC_APPS Amateur Photographer Image Gallery file parameter Local File Inclusion Attempt; [1
13,2242015/01/20 2016077  ET WEB_SPECIFIC_APPS Amateur Photographer Image Gallery albumid parameter Cross Site Scripting Attempt; [1
13,2232015/01/20 2016076  ET WEB_SPECIFIC_APPS WordPress Video Lead Form plugin errMsg parameter Cross Site Scripting Attempt; [1
13,2222015/01/20 2016075  ET DELETED FakeAV Checkin;  
13,2212015/01/20 2016074  ET TROJAN Backdoor.Win32.Skill.gk User-Agent;  
13,2202015/01/20 2016073  ET CURRENT_EVENTS SofosFO - possible second stage landing page;  
13,2192015/01/20 2016072  ET CURRENT_EVENTS SofosFO 20 Dec 12 - .pdf file request;  
13,2182015/01/20 2016071  ET CURRENT_EVENTS SofosFO 20 Dec 12 - .jar file request;  
13,2172015/01/20 2016070  ET CURRENT_EVENTS SofosFO obfuscator string 19 Dec 12 - possible landing;  
13,2162015/01/20 2016069  ET MALWARE suspicious User-Agent (vb wininet);  
13,2152015/01/20 2016068  ET POLICY poclbm BitCoin miner; [1
13,2142015/01/20 2016067  ET POLICY Possible BitCoin Miner User-Agent (miner); [1
13,2132015/01/20 2016066  ET DELETED CoolEK - Landing Page (2);  
13,2122015/01/20 2016065  ET CURRENT_EVENTS Magnitude EK (formerly Popads) Embedded Open Type Font file .eot;  
< 271  272  273  274  275  276  277  278  279  280 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.