시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
14,0112015/01/20 2016886  ET TROJAN TrojanSpy.KeyLogger Hangover Campaign User-Agent(DEMO); [1,2
14,0102015/01/20 2016885  ET TROJAN TrojanSpy.KeyLogger Hangover Campaign User-Agent(DEMOMAKE); [1,2
14,0092015/01/20 2016884  ET TROJAN TrojanSpy.KeyLogger Hangover Campaign User-Agent(TCBFRVDEMS); [1,2
14,0082015/01/20 2016883  ET TROJAN TrojanSpy.KeyLogger Hangover Campaign User-Agent(MBESCVDFRT); [1,2
14,0072015/01/20 2016882  ET TROJAN TrojanSpy.KeyLogger Hangover Campaign User-Agent(DSMBVCTFRE); [1,2
14,0062015/01/20 2016881  ET TROJAN TrojanSpy.KeyLogger Hangover Campaign User-Agent(FMBVDFRESCT); [1,2
14,0052015/01/20 2016880  ET INFO Suspicious Windows NT version 0 User-Agent;  
14,0042015/01/20 2016879  ET POLICY Unsupported/Fake Windows NT Version 5.0;  
14,0032015/01/20 2016878  ET POLICY Unsupported/Fake Windows NT Version 4.;  
14,0022015/01/20 2016877  ET POLICY Unsupported/Fake FireFox Version 2.;  
14,0012015/01/20 2016876  ET POLICY Unsupported/Fake FireFox Version 1.;  
14,0002015/01/20 2016875  ET POLICY Unsupported/Fake FireFox Version 0.;  
13,9992015/01/20 2016874  ET POLICY Unsupported/Fake Internet Explorer Version MSIE 1.;  
13,9982015/01/20 2016873  ET POLICY Unsupported/Fake Internet Explorer Version MSIE 2.;  
13,9972015/01/20 2016872  ET POLICY Unsupported/Fake Internet Explorer Version MSIE 3.;  
13,9962015/01/20 2016871  ET POLICY Unsupported/Fake Internet Explorer Version MSIE 4.;  
13,9952015/01/20 2016870  ET POLICY Unsupported/Fake Internet Explorer Version MSIE 5.;  
13,9942015/01/20 2016869  ET CURRENT_EVENTS FlimKit Post Exploit Payload Download;  
13,9932015/01/20 2016868  ET CURRENT_EVENTS Neutrino Plugin-Detect 2 May 20 2013;  
13,9922015/01/20 2016867  ET TROJAN Backdoor.Win32.Pushdo.s Checkin;  
13,9912015/01/20 2016866  ET TROJAN Trojan-Spy.Win32.KeyLogger.acuj Checkin; [1
13,9902015/01/20 2016865  ET TROJAN TrojanSpy.KeyLogger.acqh User-Agent(EMSFRTCBVD); [1
13,9892015/01/20 2016864  ET TROJAN Backdoor.Win32.Agent.bjjv Checkin; [1
13,9882015/01/20 2016863  ET TROJAN Trojan.Win32.VB.cefz Checkin; [1
13,9872015/01/20 2016862  ET TROJAN Hangover Campaign Keylogger 2 checkin; [1
13,9862015/01/20 2016861  ET TROJAN Hangover Campaign Keylogger Checkin; [1
13,9852015/01/20 2016860  ET CURRENT_EVENTS Sweet Orange Landing Page May 16 2013;  
13,9842015/01/20 2016859  ET CURRENT_EVENTS Unknown_MM - Java Exploit - cee.jar;  
13,9832015/01/20 2016858  ET TROJAN Generic - POST To .php w/Extended ASCII Characters;  
13,9822015/01/20 2016857  ET DELETED W32/Pushdo CnC Server Fake JPEG Response; [1
13,9812015/01/20 2016856  ET POLICY Android Dalvik Executable File Download; [1
13,9802015/01/20 2016855  ET TROJAN Embedded ZIP/APK File With Fake Windows Executable Header - Possible AV Bypass Attempt; [1
13,9792015/01/20 2016854  ET TROJAN Embedded Android Dalvik Executable File With Fake Windows Executable Header - Possible AV Bypass Attempt; [1
13,9782015/01/20 2016853  ET CURRENT_EVENTS Possible Neutrino EK Posting Plugin-Detect Data May 15 2013;  
13,9772015/01/20 2016852  ET CURRENT_EVENTS Sakura obfuscated javascript May 10 2013;  
13,9762015/01/20 2016851  ET CURRENT_EVENTS Winwebsec/Zbot/Luder Checkin Response;  
13,9752015/01/20 2016850  ET TROJAN Possible Linux/Cdorked.A CnC; [1,2
13,9742015/01/20 2016849  ET TROJAN Worm.Win32.Ngrbot.lof Join IRC channel; [1
13,9732015/01/20 2016848  ET CURRENT_EVENTS BlackHole Java Exploit Artifact; [1
13,9722015/01/20 2016847  ET INFO Possible Chrome Plugin install; [1
13,9712015/01/20 2016846  ET INFO Possible Firefox Plugin install; [1
13,9702015/01/20 2016845  ET WEB_SERVER HTTPing Usage Inbound; [1
13,9692015/01/20 2016844  ET TROJAN Trojan-Downloader.Win32.AutoIt.mj Checkin; [1
13,9682015/01/20 2016843  ET WEB_SERVER ColdFusion scheduleedit access; [1
13,9672015/01/20 2016842  ET WEB_SERVER ColdFusion scheduletasks access; [1
13,9662015/01/20 2016841  ET WEB_SERVER ColdFusion path disclosure to get the absolute path; [1
13,9652015/01/20 2016840  ET CURRENT_EVENTS FlimKit Landing;  
13,9642015/01/20 2016839  ET CURRENT_EVENTS FlimKit hex.zip Java Downloading Jar;  
13,9632015/01/20 2016838  ET TROJAN Alina User-Agent(Alina); [1
13,9622015/01/20 2016837  ET TROJAN Alina Checkin; [1
< 261  262  263  264  265  266  267  268  269  270 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.