시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
15,3612015/01/20 2018271  ET TROJAN Perl/Calfbot C&C DNS request; [1,2
15,3602015/01/20 2018270  ET TROJAN Perl/Calfbot C&C DNS request; [1,2
15,3592015/01/20 2018269  ET TROJAN Perl/Calfbot C&C DNS request; [1,2
15,3582015/01/20 2018268  ET TROJAN Perl/Calfbot C&C DNS request; [1,2
15,3572015/01/20 2018267  ET TROJAN Perl/Calfbot C&C DNS request; [1,2
15,3562015/01/20 2018266  ET TROJAN Perl/Calfbot C&C DNS request; [1,2
15,3552015/01/20 2018265  ET TROJAN Perl/Calfbot C&C DNS request; [1,2
15,3542015/01/20 2018264  ET TROJAN Linux/Kimodin SSH backdoor activity; [1,2
15,3532015/01/20 2018263  ET CURRENT_EVENTS Dell Kace backdoor; [1
15,3522015/01/20 2018262  ET CURRENT_EVENTS DRIVEBY Nuclear EK IE Exploit CVE-2013-2551 March 12 2014;  
15,3512015/01/20 2018261  ET CURRENT_EVENTS DRIVEBY Nuclear EK Landing Page Mar 12 2014;  
15,3502015/01/20 2018260  ET CURRENT_EVENTS DRIVEBY Styx Landing Page Mar 08 2014;  
15,3492015/01/20 2018259  ET CURRENT_EVENTS DRIVEBY Nuclear EK CVE-2013-2551 URI Struct Nov 26 2013;  
15,3482015/01/20 2018258  ET CURRENT_EVENTS DRIVEBY Nuclear EK PDF URI Struct March 12 2014;  
15,3472015/01/20 2018257  ET CURRENT_EVENTS Gamut Spambot Checkin 2; [1
15,3462015/01/20 2018256  ET TROJAN TDLv4 SSL Cert;  
15,3452015/01/20 2018255  ET TROJAN Win32/Expiro.CD Check-in;  
15,3442015/01/20 2018254  ET TROJAN Possible Graftor EXE Download Common Header Order;  
15,3432015/01/20 2018253  ET TROJAN RDP Brute Force Bot Checkin; [1
15,3422015/01/20 2018251  ET DELETED Havex Rat Check-in URI Struct;  
15,3412015/01/20 2018250  ET TROJAN W32/PointOfSales.Misc CnC Activity; [1
15,3402015/01/20 2018249  ET TROJAN W32/PointOfSales.Misc CnC Beacon; [1
15,3392015/01/20 2018248  ET TROJAN Snake rootkit, usermode-centric encrypted command from server; [1
15,3382015/01/20 2018247  ET TROJAN Snake rootkit, usermode-centric client request; [1
15,3372015/01/20 2018246  ET CURRENT_EVENTS Gamut Spambot Checkin Response; [1
15,3362015/01/20 2018245  ET CURRENT_EVENTS Gamut Spambot Checkin; [1
15,3352015/01/20 2018244  ET TROJAN Havex RAT CnC Server Response HTML Tag;  
15,3342015/01/20 2018243  ET TROJAN Havex RAT CnC Server Response;  
15,3332015/01/20 2018242  ET TROJAN Possible Zeus GameOver Connectivity Check;  
15,3322015/01/20 2018241  ET TROJAN Possible Kelihos Infection Executable Download With Malformed Header;  
15,3312015/01/20 2018240  ET CURRENT_EVENTS Possible Safe/CritX/FlashPack Common Filename javarh.php;  
15,3302015/01/20 2018239  ET CURRENT_EVENTS Possible Safe/CritX/FlashPack Common Filename javaim.php;  
15,3292015/01/20 2018238  ET CURRENT_EVENTS Possible Safe/CritX/FlashPack Common Filename javadb.php;  
15,3282015/01/20 2018237  ET CURRENT_EVENTS CritX/SafePack/FlashPack SilverLight file as eot;  
15,3272015/01/20 2018236  ET CURRENT_EVENTS CritX/SafePack/FlashPack SilverLight Secondary Landing;  
15,3262015/01/20 2018235  ET CURRENT_EVENTS CritX/SafePack/FlashPack CVE-2013-2551;  
15,3252015/01/20 2018234  ET INFO JAR Sent Claiming To Be Text Content - Likely Exploit Kit;  
15,3242015/01/20 2018233  ET INFO JAR Sent Claiming To Be Image - Likely Exploit Kit;  
15,3232015/01/20 2018232  ET CURRENT_EVENTS Possible ZyXELs ZynOS Configuration Download Attempt (Contains Passwords); [1
15,3222015/01/20 2018231  ET INFO SUSPICIOUS .scr file download;  
15,3212015/01/20 2018230  ET TROJAN SMSHoax Riskware checkin;  
15,3202015/01/20 2018229  ET TROJAN Darkshell.A Checkin XOR C0 Win XP;  
15,3192015/01/20 2018228  ET TROJAN Possible PlugX Common Header Struct; [1,2,3,4
15,3182015/01/20 2018227  ET CURRENT_EVENTS Rawin Flash Landing URI Struct March 05 2014;  
15,3172015/01/20 2018226  ET CURRENT_EVENTS Possible Neutrino/Fiesta SilverLight Exploit March 05 2014 DLL Naming Convention;  
15,3162015/01/20 2018225  ET CURRENT_EVENTS Possible Fiesta Jar with four-letter class names;  
15,3152015/01/20 2018224  ET TROJAN Possible TorLocker Ransomware Downloading Tor;  
15,3142015/01/20 2018223  ET CURRENT_EVENTS SWF filename used in IE 2014-0322 Watering Hole Attacks;  
15,3132015/01/20 2018222  ET POLICY InstallIQ Updater Software request;  
15,3122015/01/20 2018221  ET INFO DYNAMIC_DNS HTTP Request to a *.ddns.name Domain;  
< 231  232  233  234  235  236  237  238  239  240 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.