시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
14,2612015/01/20 2017142  ET SCAN Arachni Web Scan; [1
14,2602015/01/20 2017141  ET CURRENT_EVENTS Blackhole EK Plugin-Detect July 12 2013;  
14,2592015/01/20 2017140  ET CURRENT_EVENTS Possible Blackhole EK Jar Download URI Struct;  
14,2582015/01/20 2017139  ET CURRENT_EVENTS DotkaChef JJencode Script URI Struct;  
14,2572015/01/20 2017138  ET CURRENT_EVENTS g01pack - Java JNLP Requested;  
14,2562015/01/20 2017137  ET TROJAN Cryptmen FakAV page Title;  
14,2552015/01/20 2017136  ET MALWARE Adware.Gamevance.AV Checkin; [1
14,2542015/01/20 2017135  ET CURRENT_EVENTS PHISH Remax - function Validate;  
14,2532015/01/20 2017134  ET WEB_SERVER WebShell - Generic - GIF Header With HTML Form;  
14,2522015/01/20 2017133  ET WEB_CLIENT Microsoft Internet Explorer Use-After-Free CVE-2013-3163;  
14,2512015/01/20 2017131  ET CURRENT_EVENTS Potential Interent Explorer Use After Free CVE-2013-3163 Exploit URI Struct 1; [1
14,2502015/01/20 2017130  ET WEB_CLIENT Potential Interent Explorer Use After Free CVE-2013-3163 2; [1
14,2492015/01/20 2017129  ET WEB_CLIENT Potential Interent Explorer Use After Free CVE-2013-3163; [1
14,2482015/01/20 2017128  ET TROJAN Expiro Trojan Check-in;  
14,2472015/01/20 2017127  ET INFO JJEncode Encoded Script;  
14,2462015/01/20 2017126  ET CURRENT_EVENTS FlimKit Landing July 10 2013;  
14,2452015/01/20 2017125  ET CURRENT_EVENTS Probable FlimKit Redirect July 10 2013;  
14,2442015/01/20 2017124  ET CURRENT_EVENTS DRIVEBY Redirection - Wordpress Injection;  
14,2432015/01/20 2017123  ET CURRENT_EVENTS Fake Adobe Flash Player malware binary requested;  
14,2422015/01/20 2017122  ET CURRENT_EVENTS Fake Adobe Flash Player update warning enticing clicks to malware payload;  
14,2412015/01/20 2017121  ET ATTACK_RESPONSE Possible IPMI 2.0 RAKP Remote SHA1 Password Hash Retreival RAKP message 2 status code Unauthorized Name;  
14,2402015/01/20 2017120  ET POLICY Possible IPMI 2.0 RAKP Remote SHA1 Password Hash Retreival RAKP message 1 with default BMC usernames (Admin|root|Administrator|USERID);  
14,2392015/01/20 2017119  ET CURRENT_EVENTS CritX/SafePack Java Exploit Payload June 03 2013;  
14,2382015/01/20 2017118  ET CURRENT_EVENTS Sibhost Zip as Applet Archive July 08 2013;  
14,2372015/01/20 2017117  ET CURRENT_EVENTS Cool Exploit Kit Plugin-Detect July 08 2013;  
14,2362015/01/20 2017116  ET CURRENT_EVENTS Sweet Orange Landing with Applet July 08 2013;  
14,2352015/01/20 2017115  ET CURRENT_EVENTS Sweet Orange applet July 08 2013;  
14,2342015/01/20 2017114  ET CURRENT_EVENTS Styx iframe with obfuscated Java version check Jul 04 2013;  
14,2332015/01/20 2017113  ET CURRENT_EVENTS VBulletin Backdoor C2 Domain; [1
14,2322015/01/20 2017112  ET CURRENT_EVENTS VBulletin Backdoor C2 URI Structure; [1
14,2312015/01/20 2017111  ET CURRENT_EVENTS VBulletin Backdoor CMD inbound; [1
14,2302015/01/20 2017110  ET CURRENT_EVENTS Sweet Orange applet structure Jul 05 2013;  
14,2292015/01/20 2017109  ET CURRENT_EVENTS FlashPlayerSetup.x86.exe checkin response 2; [1
14,2282015/01/20 2017108  ET CURRENT_EVENTS FlashPlayerSetup.x86.exe checkin UA; [1
14,2272015/01/20 2017107  ET CURRENT_EVENTS FlashPlayerSetup.x86.exe pull; [1
14,2262015/01/20 2017106  ET CURRENT_EVENTS FlimKit Landing Applet Jul 05 2013;  
14,2252015/01/20 2017104  ET CURRENT_EVENTS Neutrino EK Landing URI Format July 04 2013;  
14,2242015/01/20 2017102  ET CURRENT_EVENTS /Styx EK - /jorg.html; [1
14,2232015/01/20 2017101  ET CURRENT_EVENTS /Styx EK - /jovf.html; [1
14,2222015/01/20 2017100  ET CURRENT_EVENTS /Styx EK - /jlnp.html; [1
14,2212015/01/20 2017099  ET CURRENT_EVENTS Lucky7 EK IE Exploit;  
14,2202015/01/20 2017098  ET CURRENT_EVENTS Lucky7 EK Landing Encoded Plugin-Detect;  
14,2192015/01/20 2017097  ET CURRENT_EVENTS Unknown Malvertising Exploit Kit Hostile Jar cm2.jar;  
14,2182015/01/20 2017096  ET CURRENT_EVENTS Unknown Malvertising Exploit Kit Hostile Jar app.jar;  
14,2172015/01/20 2017095  ET CURRENT_EVENTS Unknown Malvertising Exploit Kit Hostile Jar pipe.class;  
14,2162015/01/20 2017094  ET EXPLOIT IPMI Cipher 0 Authentication mode set; [1,2
14,2152015/01/20 2017093  ET CURRENT_EVENTS CritX/SafePack/FlashPack EXE Download Jul 01 2013; [1
14,2142015/01/20 2017092  ET CURRENT_EVENTS CritX/SafePack/FlashPack Jar Download Jul 01 2013; [1
14,2132015/01/20 2017091  ET WEB_SERVER WebShell - Pouya - URI - action=;  
14,2122015/01/20 2017090  ET WEB_SERVER WebShell - Pouya - URI - raiz;  
< 251  252  253  254  255  256  257  258  259  260 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.