시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
14,4112015/01/20 2017299  ET CURRENT_EVENTS X20 EK Download Aug 07 2013;  
14,4102015/01/20 2017298  ET WEB_CLIENT Possible Firefox CVE-2013-1690;  
14,4092015/01/20 2017297  ET CURRENT_EVENTS Possible CritX/SafePack/FlashPack EXE Download;  
14,4082015/01/20 2017296  ET CURRENT_EVENTS Possible CritX/SafePack/FlashPack Jar Download;  
14,4072015/01/20 2017295  ET CURRENT_EVENTS Styx iframe with obfuscated Java version check Jul 04 2013;  
14,4062015/01/20 2017294  ET INFO Adobe PKG Download Flowbit Set;  
14,4052015/01/20 2017293  ET WEB_SERVER - EXE File Uploaded - Hex Encoded;  
14,4042015/01/20 2017292  ET TROJAN ATTACKER IRCBot - PRIVMSG Response - ipconfig command output;  
14,4032015/01/20 2017291  ET TROJAN ATTACKER IRCBot - PRIVMSG Response - net command output;  
14,4022015/01/20 2017290  ET TROJAN ATTACKER IRCBot - PRIVMSG Response - Directory Listing;  
14,4012015/01/20 2017289  ET TROJAN ATTACKER IRCBot - The command completed successfully - PRIVMSG Response;  
14,4002015/01/20 2017288  ET TROJAN ATTACKER IRCBot - reg - PRIVMSG Command;  
14,3992015/01/20 2017287  ET TROJAN ATTACKER IRCBot - ipconfig - PRIVMSG Command;  
14,3982015/01/20 2017286  ET TROJAN ATTACKER IRCBot - netsh - PRIVMSG Command;  
14,3972015/01/20 2017285  ET TROJAN ATTACKER IRCBot - net add PRIVMSG Command;  
14,3962015/01/20 2017284  ET TROJAN ATTACKER IRCBot - net localgroup - PRIVMSG Command;  
14,3952015/01/20 2017283  ET TROJAN ATTACKER IRCBot - net user - PRIVMSG Command;  
14,3942015/01/20 2017282  ET INFO Microsoft Script Encoder Encoded File;  
14,3932015/01/20 2017281  ET TROJAN Trojan-Ransom.Win32.Blocker.bjat;  
14,3922015/01/20 2017280  ET WEB_SERVER Possible OpenX Backdoor Backdoor Access POST to flowplayer; [1
14,3912015/01/20 2017279  ET TROJAN Win32.Rovnix.I Checkin;  
14,3902015/01/20 2017278  ET WEB_SERVER Possible Apache Struts OGNL Expression Injection; [1
14,3892015/01/20 2017277  ET WEB_SERVER Possible Apache Struts OGNL in Dynamic Action; [1
14,3882015/01/20 2017276  ET TROJAN W32/StealRat.SpamBot Email Template Request; [1
14,3872015/01/20 2017275  ET TROJAN W32/StealRat.SpamBot CnC Server Configuration File Response; [1
14,3862015/01/20 2017274  ET TROJAN W32/StealRat.SpamBot Configuration File Request; [1
14,3852015/01/20 2017273  ET CURRENT_EVENTS Rawin EK Java 1.7 /caramel.jar;  
14,3842015/01/20 2017272  ET CURRENT_EVENTS Rawin EK Java (Old) /golem.jar;  
14,3832015/01/20 2017271  ET CURRENT_EVENTS Plugin-Detect with global % replace on unescaped string (Sakura);  
14,3822015/01/20 2017270  ET CURRENT_EVENTS Styx Exploit Kit Landing Applet With Payload Aug 02 2013; [1
14,3812015/01/20 2017269  ET TROJAN CBReplay.P Ransomware;  
14,3802015/01/20 2017268  ET CURRENT_EVENTS Possible Neutrino Java Payload Download Sep 30 2013;  
14,3792015/01/20 2017267  ET CURRENT_EVENTS Possible Neutrino Java Exploit Download Sep 30 2013;  
14,3782015/01/20 2017266  ET CURRENT_EVENTS Neutrino EK Landing URI Format Sep 30 2013;  
14,3772015/01/20 2017265  ET CURRENT_EVENTS BlackHole EK Non-standard base64 Key;  
14,3762015/01/20 2017264  ET TROJAN CBReplay Checkin;  
14,3752015/01/20 2017263  ET TROJAN StealRat Checkin;  
14,3742015/01/20 2017262  ET TROJAN Comfoo Checkin; [1
14,3732015/01/20 2017261  ET TROJAN TrojanDownloader.Win32/Dofoil.U Trojan Checkin;  
14,3722015/01/20 2017260  ET WEB_SERVER WebShell Generic - ASP File Uploaded;  
14,3712015/01/20 2017259  ET TROJAN Generic - POST To .php w/Extended ASCII Characters;  
14,3702015/01/20 2017258  ET DELETED Fake FedEX/Pony spam campaign URI Struct;  
14,3692015/01/20 2017257  ET CURRENT_EVENTS Fake FedEX/Pony spam campaign URI Struct 2;  
14,3682015/01/20 2017254  ET CURRENT_EVENTS %Hex Encoded/base64 3 applet_ssv_validated (Observed in Sakura);  
14,3672015/01/20 2017253  ET CURRENT_EVENTS %Hex Encoded/base64 2 applet_ssv_validated (Observed in Sakura);  
14,3662015/01/20 2017252  ET CURRENT_EVENTS %Hex Encoded/base64 1 applet_ssv_validated (Observed in Sakura);  
14,3652015/01/20 2017251  ET CURRENT_EVENTS %Hex Encoded applet_ssv_validated (Observed in Sakura);  
14,3642015/01/20 2017250  ET CURRENT_EVENTS %Hex Encoded jnlp_embedded (Observed in Sakura);  
14,3632015/01/20 2017249  ET CURRENT_EVENTS %Hex Encoded Applet (Observed in Sakura);  
14,3622015/01/20 2017248  ET CURRENT_EVENTS PluginDetect plus Java version check;  
< 251  252  253  254  255  256  257  258  259  260 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.