시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
14,3112015/01/20 2017197  ET INFO JNLP embedded file;  
14,3102015/01/20 2017196  ET MALWARE Crossrider Spyware Checkin;  
14,3092015/01/20 2017195  ET CURRENT_EVENTS c0896 Hacked Site Response Hex (Inbound);  
14,3082015/01/20 2017194  ET CURRENT_EVENTS c0896 Hacked Site Response Octal (Inbound);  
14,3072015/01/20 2017193  ET CURRENT_EVENTS c0896 Hacked Site Response Hex (Outbound);  
14,3062015/01/20 2017192  ET CURRENT_EVENTS c0896 Hacked Site Response Octal (Outbound);  
14,3052015/01/20 2017191  ET TROJAN Win32/Kelihos.F Checkin;  
14,3042015/01/20 2017190  ET TROJAN Win32/Kelihos.F exe Download 2;  
14,3032015/01/20 2017189  ET CURRENT_EVENTS c0896 Hacked Site Response (Outbound) 3;  
14,3022015/01/20 2017188  ET CURRENT_EVENTS c0896 Hacked Site Response (Outbound) 2;  
14,3012015/01/20 2017187  ET CURRENT_EVENTS c0896 Hacked Site Response (Outbound) 1;  
14,3002015/01/20 2017186  ET CURRENT_EVENTS c0896 Hacked Site Response (Inbound) 3;  
14,2992015/01/20 2017185  ET CURRENT_EVENTS c0896 Hacked Site Response (Inbound) 2;  
14,2982015/01/20 2017184  ET CURRENT_EVENTS c0896 Hacked Site Response (Inbound) 1;  
14,2972015/01/20 2017183  ET WEB_SERVER WebShell ASPXShell - Title;  
14,2962015/01/20 2017182  ET CURRENT_EVENTS DRIVEBY Possible CritXPack - Landing Page - jnlp_embedded;  
14,2952015/01/20 2017181  ET CURRENT_EVENTS Sibhost/FlimKit/Glazunov Jar with lowercase class names;  
14,2942015/01/20 2017180  ET CURRENT_EVENTS Possible Neutrino Java Payload Download 2;  
14,2932015/01/20 2017179  ET CURRENT_EVENTS Possible Neutrino Java Payload Download;  
14,2922015/01/20 2017178  ET CURRENT_EVENTS DRIVEBY Rawin - Java Exploit -dubspace.jar;  
14,2912015/01/20 2017177  ET CURRENT_EVENTS DRIVEBY Rawin - Landing Page Received;  
14,2902015/01/20 2017176  ET WEB_SERVER Possible Apache Struts OGNL Command Execution CVE-2013-2251 action; [1
14,2892015/01/20 2017175  ET WEB_SERVER Possible Apache Struts OGNL Command Execution CVE-2013-2251 redirectAction; [1
14,2882015/01/20 2017174  ET WEB_SERVER Possible Apache Struts OGNL Command Execution CVE-2013-2251 redirect; [1
14,2872015/01/20 2017173  ET EXPLOIT Apache Struts Possible OGNL Java ProcessBuilder in client body; [1
14,2862015/01/20 2017172  ET EXPLOIT Apache Struts Possible OGNL Java ProcessBuilder URI;  
14,2852015/01/20 2017171  ET CURRENT_EVENTS FlimKit Landing 07/22/13 4;  
14,2842015/01/20 2017170  ET CURRENT_EVENTS FlimKit Landing 07/22/13 3;  
14,2832015/01/20 2017169  ET CURRENT_EVENTS FlimKit Landing 07/22/13 2;  
14,2822015/01/20 2017168  ET CURRENT_EVENTS FlimKit Landing 07/22/13;  
14,2812015/01/20 2017167  ET CURRENT_EVENTS X20 EK Landing July 22 2013;  
14,2802015/01/20 2017166  ET CURRENT_EVENTS Sibhost Zip as Applet Archive July 08 2013;  
14,2792015/01/20 2017165  ET CURRENT_EVENTS JS Browser Based Ransomware; [1,2
14,2782015/01/20 2017164  ET DELETED BlackHole EK Non-standard base64 Key;  
14,2772015/01/20 2017163  ET MOBILE_MALWARE signed-unsigned integer mismatch code-verification bypass; [1
14,2762015/01/20 2017162  ET SCAN SipCLI VOIP Scan; [1
14,2752015/01/20 2017161  ET SCAN SipCLI VOIP Scan - TCP; [1
14,2742015/01/20 2017157  ET WEB_SERVER Possible Apache Struts OGNL Command Execution CVE-2013-2251 action; [1
14,2732015/01/20 2017156  ET WEB_SERVER Possible Apache Struts OGNL Command Execution CVE-2013-2251 redirectAction; [1
14,2722015/01/20 2017155  ET WEB_SERVER Possible Apache Struts OGNL Command Execution CVE-2013-2251 redirect; [1
14,2712015/01/20 2017154  ET DOS Squid-3.3.5 DoS;  
14,2702015/01/20 2017153  ET CURRENT_EVENTS FlimKit JNLP URI Struct;  
14,2692015/01/20 2017152  ET CURRENT_EVENTS FlimKit Jar URI Struct;  
14,2682015/01/20 2017151  ET CURRENT_EVENTS Styx PDF July 15 2013;  
14,2672015/01/20 2017150  ET CURRENT_EVENTS Cool PDF July 15 2013;  
14,2662015/01/20 2017149  ET CURRENT_EVENTS DRIVEBY Redirection - phpBB Injection;  
14,2652015/01/20 2017148  ET ATTACK_RESPONSE Non-Local Burp Proxy Error; [1
14,2642015/01/20 2017147  ET WEB_SERVER HTTP Request Smuggling Attempt - Two Transfer-Encoding Values Specified; [1
14,2632015/01/20 2017146  ET WEB_SERVER HTTP Request Smuggling Attempt - Double Content-Length Headers; [1
14,2622015/01/20 2017143  ET WEB_SERVER CRLF Injection - Newline Characters in URL; [1
< 251  252  253  254  255  256  257  258  259  260 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.