Signature List
No.  Date  ID  Signature (Total Ruleset: 27,111)
14,461  2015/01/20  2017356  ET TROJAN PoisonIvy.gwx@123 Keepalive to CnC; [1
14,460  2015/01/20  2017355  ET TROJAN PoisonIvy.key@123 Keepalive to CnC; [1
14,459  2015/01/20  2017354  ET TROJAN PoisonIvy.happyyongzi Keepalive to CnC; [1
14,458  2015/01/20  2017353  ET TROJAN PoisonIvy.suzuki Keepalive to CnC; [1
14,457  2015/01/20  2017352  ET TROJAN PoisonIvy.keaidestone Keepalive to CnC; [1
14,456  2015/01/20  2017351  ET TROJAN PoisonIvy.th3bug Keepalive to CnC; [1
14,455  2015/01/20  2017350  ET TROJAN PoisonIvy.admin@388 Keepalive to CnC; [1
14,454  2015/01/20  2017349  ET TROJAN Win32.Troj.Cidox Checkin;
14,453  2015/01/20  2017348  ET DELETED Trojan.Win32.VBKrypt.cugq Checkin; [1,2,3
14,452  2015/01/20  2017347  ET TROJAN Trojan Related Lame Updater User-Agent;
14,451  2015/01/20  2017346  ET CURRENT_EVENTS Blackhole/Cool obfuscated plugindetect in charcodes w/o sep Jul 10 2013;
14,450  2015/01/20  2017345  ET SHELLCODE Possible UTF-16 u9090 NOP SLED; [1,2,3
14,449  2015/01/20  2017344  ET TROJAN Proxychecker Lookup; [1
14,448  2015/01/20  2017343  ET TROJAN W32/Spy.KeyLogger.OCI CnC Checkin; [1,2
14,447  2015/01/20  2017342  ET INFO Iframe For IP Address Site;
14,446  2015/01/20  2017341  ET CURRENT_EVENTS Blackhole Exploit Kit Microsoft OpenType Font Exploit;
14,445  2015/01/20  2017340  ET CURRENT_EVENTS Blackhole Exploit Kit Shrift.php Microsoft OpenType Font Exploit Request;
14,444  2015/01/20  2017337  ET WEB_SERVER ATTACKER SQLi - SELECT and Schema Columns;
14,443  2015/01/20  2017336  ET INFO SUSPICIOUS Reassigned Eval Function 3;
14,442  2015/01/20  2017335  ET INFO SUSPICIOUS Reassigned Eval Function 2;
14,441  2015/01/20  2017334  ET INFO SUSPICIOUS Reassigned Eval Function 1;
14,440  2015/01/20  2017333  ET CURRENT_EVENTS Styx EK - /jvvn.html;
14,439  2015/01/20  2017330  ET WEB_SERVER SQLi - SELECT and sysobject;
14,438  2015/01/20  2017329  ET POLICY Pirate Browser Download; [1
14,437  2015/01/20  2017328  ET CURRENT_EVENTS Unknown EK setSecurityManager hex August 14 2013; [1
14,436  2015/01/20  2017327  ET WEB_SERVER Joomla Upload File Filter Bypass;
14,435  2015/01/20  2017326  ET TROJAN Yayih.A Checkin 3; [1
14,434  2015/01/20  2017325  ET TROJAN Yayih.A Checkin 2; [1
14,433  2015/01/20  2017324  ET CURRENT_EVENTS FlimKit obfuscated hex-encoded jnlp_embedded Aug 08 2013;
14,432  2015/01/20  2017323  ET CURRENT_EVENTS SUSPICIOUS IRC - NICK and -PC;
14,431  2015/01/20  2017322  ET CURRENT_EVENTS SUSPICIOUS IRC - NICK and Win;
14,430  2015/01/20  2017321  ET CURRENT_EVENTS SUSPICIOUS IRC - NICK and Possible Windows XP/7;
14,429  2015/01/20  2017319  ET CURRENT_EVENTS SUSPICIOUS IRC - NICK and 3 Letter Country Code;
14,428  2015/01/20  2017318  ET CURRENT_EVENTS SUSPICIOUS IRC - PRIVMSG *.(exe|tar|tgz|zip) download command;
14,427  2015/01/20  2017317  ET ATTACK_RESPONSE python shell spawn attempt;
14,426  2015/01/20  2017315  ET TROJAN DDoS.Win32.Agent.bay Covert Channel (VERSONEX and Mr.Black);
14,425  2015/01/20  2017314  ET TROJAN PRISM Backdoor;
14,424  2015/01/20  2017313  ET TROJAN China Chopper Command Struct; [1
14,423  2015/01/20  2017312  ET TROJAN Win32/Pift DNS TXT CnC Lookup ppidn.net; [1
14,422  2015/01/20  2017311  ET TROJAN Possible FortDisco Reporting Hacked Accounts; [1
14,421  2015/01/20  2017310  ET CURRENT_EVENTS Possible FortDisco Wordpress Brute-force Site list download 10 wp-login.php; [1
14,420  2015/01/20  2017309  ET TROJAN FortDisco Reporting Status; [1
14,419  2015/01/20  2017308  ET TROJAN W32/PornoAsset.Ransomware CnC Checkin; [1,2,3
14,418  2015/01/20  2017307  ET CURRENT_EVENTS 0f2490 Hacked Site Response (Outbound);
14,417  2015/01/20  2017306  ET CURRENT_EVENTS 0f2490 Hacked Site Response (Inbound);
14,416  2015/01/20  2017305  ET TROJAN Win32/Cridex Checkin;
14,415  2015/01/20  2017303  ET TROJAN ATTACKER IRCBot - PRIVMSG Response - Directory Listing *nix;
14,414  2015/01/20  2017302  ET CURRENT_EVENTS Fake Trojan Dropper purporting to be missing application - findloader;
14,413  2015/01/20  2017301  ET CURRENT_EVENTS Fake Trojan Dropper purporting to be missing application page landing;
14,412  2015/01/20  2017300  ET CURRENT_EVENTS Rawin -TDS - POST w/Java Version;
GigaVPN & GigaIPS are based on MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.