시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
15,1112015/01/20 2018016  ET TROJAN Limitless Logger Sending Data over SMTP 2;  
15,1102015/01/20 2018015  ET TROJAN Limitless Logger Sending Data over SMTP;  
15,1092015/01/20 2018014  ET POLICY PrimeCoinMiner.Protominer;  
15,1082015/01/20 2018013  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 18; [1,2
15,1072015/01/20 2018012  ET P2P Vagaa peer-to-peer (Transfer); [1
15,1062015/01/20 2018011  ET CURRENT_EVENTS Fiesta EK Landing Jan 24 2013;  
15,1052015/01/20 2018010  ET TROJAN Suspicious UA (;  
15,1042015/01/20 2018009  ET DELETED SUSPICIOUS HTTP Request to .bit domain; [1
15,1032015/01/20 2018008  ET TROJAN DNS Query Possible Zbot Infection Query for networksecurityx.hopto.org;  
15,1022015/01/20 2018007  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 17; [1,2
15,1012015/01/20 2018006  ET CURRENT_EVENTS Possible Browlock Hostname Format US;  
15,1002015/01/20 2018005  ET TROJAN Possible Upatre Downloader SSL certificate (fake org);  
15,0992015/01/20 2018004  ET MOBILE_MALWARE Android/HeHe.Spy ReportMessageRequest CnC Beacon; [1
15,0982015/01/20 2018003  ET MOBILE_MALWARE Android/HeHe.Spy GetTaskRequest CnC Beacon; [1
15,0972015/01/20 2018002  ET MOBILE_MALWARE Android/HeHe.Spy ReportRequest CnC Beacon; [1
15,0962015/01/20 2018001  ET MOBILE_MALWARE Android/HeHe.Spy LoginRequest CnC Beacon; [1
15,0952015/01/20 2018000  ET MOBILE_MALWARE Android/HeHe.Spy RegisterRequest CnC Beacon; [1
15,0942015/01/20 2017999  ET MOBILE_MALWARE Android/HeHe.Spy getLastVersion CnC Beacon; [1
15,0932015/01/20 2017998  ET CURRENT_EVENTS Possible IE/SilverLight GoonEK Payload Download;  
15,0922015/01/20 2017997  ET CURRENT_EVENTS GoonEK Landing Jan 21 2013 SilverLight 3;  
15,0912015/01/20 2017996  ET CURRENT_EVENTS GoonEK Landing Jan 21 2013 SilverLight 2;  
15,0902015/01/20 2017995  ET CURRENT_EVENTS GoonEK Landing Jan 21 2013 SilverLight 1;  
15,0892015/01/20 2017994  ET CURRENT_EVENTS VBSAutorun_VBS_Jenxcus Check-in UA; [1,2
15,0882015/01/20 2017993  ET TROJAN GoonEK Jan 21 2013;  
15,0872015/01/20 2017992  ET MALWARE Win32/OutBrowse.G Variant Checkin; [1
15,0862015/01/20 2017991  ET TROJAN Cybergate/Rebhip/Spyrat Backdoor Keepalive Response;  
15,0852015/01/20 2017990  ET TROJAN Cybergate/Rebhip/Spyrat Backdoor Keepalive;  
15,0842015/01/20 2017989  ET CURRENT_EVENTS Angler EK encrypted binary (4);  
15,0832015/01/20 2017988  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 16; [1,2
15,0822015/01/20 2017987  ET CURRENT_EVENTS Upatre SSL Compromised site appsredeeem;  
15,0812015/01/20 2017986  ET CURRENT_EVENTS Angler EK encrypted binary (3) Jan 17 2013;  
15,0802015/01/20 2017985  ET CURRENT_EVENTS Angler EK encrypted binary (2) Jan 17 2013;  
15,0792015/01/20 2017984  ET CURRENT_EVENTS Angler EK encrypted binary (1) Jan 17 2013;  
15,0782015/01/20 2017983  ET TROJAN Java/Jacksbot Check-in;  
15,0772015/01/20 2017982  ET MALWARE Suspicious User-Agent 100 non-printable char;  
15,0762015/01/20 2017981  ET CURRENT_EVENTS Possible Updatre Compromised SSL Certificate thebostonshaker;  
15,0752015/01/20 2017980  ET INFO InformationCardSigninHelper ClassID (Vulnerable ActiveX Control in CVE-2013-3918);  
15,0742015/01/20 2017979  ET CURRENT_EVENTS Possible Updatre Compromised SSL Certificate california89;  
15,0732015/01/20 2017978  ET CURRENT_EVENTS Possible Updatre Compromised SSL Certificate marchsf;  
15,0722015/01/20 2017977  ET CURRENT_EVENTS Possible Updatre SSL Certificate cardiffpower;  
15,0712015/01/20 2017976  ET CURRENT_EVENTS Possible AnglerEK Java Exploit/Payload Structure Jan 16 2014;  
15,0702015/01/20 2017975  ET CURRENT_EVENTS Possible AnglerEK Landing URI Struct;  
15,0692015/01/20 2017974  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 15; [1,2
15,0682015/01/20 2017973  ET CURRENT_EVENTS Nuclear EK CVE-2013-3918;  
15,0672015/01/20 2017972  ET TROJAN ICEFOG JAVAFOG JAR checkin; [1,2
15,0662015/01/20 2017971  ET CURRENT_EVENTS Possible Neutrino IE/Silverlight Payload Download;  
15,0652015/01/20 2017970  ET TROJAN PWS.Win32/Daceluw.A Checkin; [1
15,0642015/01/20 2017969  ET CURRENT_EVENTS Netgear N150 passwordrecovered.cgi attempt; [1
15,0632015/01/20 2017968  ET INFO Suspicious Possible Process Dump in POST body; [1
15,0622015/01/20 2017967  ET TROJAN StartPage jsp checkin;  
< 241  242  243  244  245  246  247  248  249  250 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.