시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
14,1112015/01/20 2016987  ET TROJAN KeyBoy Backdoor SysInfo Response header; [1
14,1102015/01/20 2016986  ET TROJAN KeyBoy Backdoor Login; [1
14,1092015/01/20 2016985  ET INFO Executable Served From /tmp/ Directory - Malware Hosting Behaviour;  
14,1082015/01/20 2016984  ET CURRENT_EVENTS BlackHole EK Initial Gate from Linked-In Mailing Campaign;  
14,1072015/01/20 2016983  ET WEB_SERVER Access to /phppath/php Possible Plesk 0-day Exploit June 05 2013; [1
14,1062015/01/20 2016982  ET WEB_SERVER auto_prepend_file PHP config option in uri; [1
14,1052015/01/20 2016981  ET WEB_SERVER open_basedir PHP config option in uri; [1
14,1042015/01/20 2016980  ET WEB_SERVER disable_functions PHP config option in uri; [1
14,1032015/01/20 2016979  ET WEB_SERVER suhosin.simulation PHP config option in uri; [1
14,1022015/01/20 2016978  ET WEB_SERVER safe_mode PHP config option in uri; [1
14,1012015/01/20 2016977  ET WEB_SERVER allow_url_include PHP config option in uri; [1
14,1002015/01/20 2016976  ET CURRENT_EVENTS CoolEK Payload Download (9);  
14,0992015/01/20 2016975  ET CURRENT_EVENTS Neutrino EK Landing URI Format;  
14,0982015/01/20 2016974  ET CURRENT_EVENTS Blackhole 16-hex/a.php Jar Download;  
14,0972015/01/20 2016973  ET CURRENT_EVENTS Blackhole 16-hex/a.php Landing Page/Java exploit URI;  
14,0962015/01/20 2016972  ET CURRENT_EVENTS Blackhole 32-hex/a.php Jar Download;  
14,0952015/01/20 2016971  ET CURRENT_EVENTS Blackhole 32-hex/a.php Landing Page/Java exploit URI;  
14,0942015/01/20 2016970  ET CURRENT_EVENTS Karagany encrypted binary (3);  
14,0932015/01/20 2016969  ET TROJAN Possible Win32/Travnet.A Internet Connection Check (microsoft.com); [1,2
14,0922015/01/20 2016968  ET TROJAN Win32/Travnet.A Checkin; [1,2,3
14,0912015/01/20 2016967  ET TROJAN W32/Symmi Remote File Injector Initial CnC Beacon; [1
14,0902015/01/20 2016966  ET CURRENT_EVENTS Sakura obfuscated javascript Jun 1 2013;  
14,0892015/01/20 2016965  ET CURRENT_EVENTS Metasploit Based Unknown EK Jar Download June 03 2013;  
14,0882015/01/20 2016964  ET CURRENT_EVENTS CritX/SafePack Reporting Plugin Detect Data June 03 2013;  
14,0872015/01/20 2016963  ET TROJAN Trojan.Win32/Mutopy.A Checkin; [1,2
14,0862015/01/20 2016962  ET DELETED Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 2; [1,2
14,0852015/01/20 2016961  ET TROJAN System Progressive Detection FakeAV (GenuineIntel);  
14,0842015/01/20 2016960  ET TROJAN System Progressive Detection FakeAV (AuthenticAMD);  
14,0832015/01/20 2016959  ET EXPLOIT Apache Struts Possible OGNL Java WriteFile in URI; [1
14,0822015/01/20 2016958  ET EXPLOIT Apache Struts Possible OGNL Java WriteFile in client_body; [1
14,0812015/01/20 2016957  ET EXPLOIT Apache Struts Possible OGNL Java Exec in client body; [1
14,0802015/01/20 2016956  ET EXPLOIT Apache Struts Possible OGNL AllowStaticMethodAccess in URI; [1
14,0792015/01/20 2016954  ET EXPLOIT Apache Struts Possible OGNL AllowStaticMethodAccess in client body;  
14,0782015/01/20 2016953  ET EXPLOIT Apache Struts Possible OGNL Java Exec In URI;  
14,0772015/01/20 2016952  ET CURRENT_EVENTS Probable Nuclear exploit kit landing page;  
14,0762015/01/20 2016951  ET TROJAN Backdoor.Win32.Trup.CX Checkin 1; [1
14,0752015/01/20 2016950  ET TROJAN Possible Win32/Hupigon ip.txt with a Non-Mozilla UA;  
14,0742015/01/20 2016949  ET TROJAN Possible Backdoor.Linux.Tsunami Outbound HTTP request; [1
14,0732015/01/20 2016948  ET TROJAN Win32.Bicololo Response 2;  
14,0722015/01/20 2016947  ET TROJAN Win32.Bicololo Response 1;  
14,0712015/01/20 2016946  ET TROJAN Possible Win32.Bicololo Checkin; [1
14,0702015/01/20 2016945  ET CURRENT_EVENTS Sakura encrypted binary (2);  
14,0692015/01/20 2016944  ET CURRENT_EVENTS HTTP connection to net78.net Free Web Hosting (Used by Various Trojans); [1
14,0682015/01/20 2016943  ET CURRENT_EVENTS Sakura - Payload Requested;  
14,0672015/01/20 2016942  ET CURRENT_EVENTS Sakura - Landing Page - Received May 29 2013;  
14,0662015/01/20 2016941  ET TROJAN W32/PolyCrypt.A Checkin; [1,2
14,0652015/01/20 2016940  ET TROJAN Vobfus Check-in;  
14,0642015/01/20 2016939  ET TROJAN Variant.Kazy.174106 Checkin;  
14,0632015/01/20 2016938  ET MALWARE Adware.Ezula Checkin;  
14,0622015/01/20 2016937  ET WEB_SERVER SQL Injection List Priveleges Attempt; [1
< 261  262  263  264  265  266  267  268  269  270 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.