Signature List
No.     Date        ID       Signature (Total Ruleset: 27,111)
15,661  2015/01/20  2018585  ET EXPLOIT Supermicro BMC Password Disclosure 1; [1
15,660  2015/01/20  2018584  ET MOBILE_MALWARE Andr/com.sdwiurse; [1
15,659  2015/01/20  2018583  ET CURRENT_EVENTS Sweet Orange EK Common Java Exploit;
15,658  2015/01/20  2018582  ET TROJAN Miuref/Boaxxe Checkin; [1,2
15,657  2015/01/20  2018581  ET TROJAN Single char EXE direct download likely trojan (multiple families);
15,656  2015/01/20  2018580  ET TROJAN Neutrino Checkin; [1
15,655  2015/01/20  2018579  ET TROJAN Dyreza RAT Checkin;
15,654  2015/01/20  2018578  ET TROJAN Dyreza RAT Ex-filtrating Data; [1
15,653  2015/01/20  2018577  ET CURRENT_EVENTS Safe/CritX/FlashPack EK Secondary Landing 2;
15,652  2015/01/20  2018576  ET TROJAN Possible Andromeda download with fake Zip header (2);
15,651  2015/01/20  2018575  ET TROJAN Possible Andromeda download with fake Zip header (1);
15,650  2015/01/20  2018574  ET TROJAN W32/Asprox.Bot Knock Variant CnC Beacon; [1
15,649  2015/01/20  2018573  ET CURRENT_EVENTS Safe/CritX/FlashPack EK Secondary Landing;
15,648  2015/01/20  2018572  ET TROJAN HTTP Executable Download from suspicious domain with direct request/fake browser (multiple families);
15,647  2015/01/20  2018571  ET TROJAN HTTP Request to a *.pw domain with direct request/fake browser (multiple families flowbit set);
15,646  2015/01/20  2018570  ET TROJAN HTTP Request to a *.su domain with direct request/fakebrowser (multiple families flowbit set);
15,645  2015/01/20  2018569  ET CURRENT_EVENTS Possible Inbound SNMP Router DoS (Disable Forwarding);
15,644  2015/01/20  2018568  ET CURRENT_EVENTS Possible Inbound SNMP Router DoS (TTL 1);
15,643  2015/01/20  2018567  ET TROJAN Hangover related campaign Response; [1
15,642  2015/01/20  2018566  ET TROJAN Hangover related campaign Checkin; [1
15,641  2015/01/20  2018565  ET MALWARE W32/RocketfuelNextUp.Adware CnC Beacon;
15,640  2015/01/20  2018564  ET CURRENT_EVENTS BleedingLife Exploit Kit JAR Exploit Request; [1
15,639  2015/01/20  2018563  ET CURRENT_EVENTS BleedingLife Exploit Kit SWF Exploit Request; [1
15,638  2015/01/20  2018562  ET CURRENT_EVENTS BleedingLife Exploit Kit Landing Page Requested; [1
15,637  2015/01/20  2018561  ET CURRENT_EVENTS SUSPICIOUS DTLS 1.2 Fragmented Client Hello Possible CVE-2014-0195; [1
15,636  2015/01/20  2018560  ET CURRENT_EVENTS SUSPICIOUS DTLS 1.0 Fragmented Client Hello Possible CVE-2014-0195; [1
15,635  2015/01/20  2018559  ET CURRENT_EVENTS SUSPICIOUS DTLS Pre 1.0 Fragmented Client Hello Possible CVE-2014-0195; [1
15,634  2015/01/20  2018558  ET TROJAN Win32/Ramnit Checkin;
15,633  2015/01/20  2018557  ET MALWARE PUP Win32.SoftPulse Checkin;
15,632  2015/01/20  2018556  ET CURRENT_EVENTS SUSPICIOUS EXE Download from Google Common Data Storage with no Referer;
15,631  2015/01/20  2018555  ET TROJAN Putter Panda 3PARA RAT initial beacon; [1
15,630  2015/01/20  2018554  ET TROJAN Putter Panda CnC HTTP Request; [1
15,629  2015/01/20  2018553  ET TROJAN Pandemiya User-Agent; [1
15,628  2015/01/20  2018552  ET TROJAN Backdoor.Win32/Etumbot.B Requesting RC4 Key; [1
15,627  2015/01/20  2018551  ET TROJAN EtumBot GET File Data Upload; [1
15,626  2015/01/20  2018550  ET TROJAN EtumBot GET File Initial Response; [1
15,625  2015/01/20  2018549  ET TROJAN EtumBot PUT File Response; [1
15,624  2015/01/20  2018548  ET TROJAN EtumBot Command Status Message; [1
15,623  2015/01/20  2018547  ET TROJAN EtumBot Ping; [1
15,622  2015/01/20  2018546  ET TROJAN EtumBot Registration Request; [1
15,621  2015/01/20  2018545  ET CURRENT_EVENTS CottonCastle EK Jar Download Method 2;
15,620  2015/01/20  2018544  ET CURRENT_EVENTS CottonCastle EK Landing June 05 2014 2;
15,619  2015/01/20  2018543  ET CURRENT_EVENTS Neverquest/Wawtrak Posting Data;
15,618  2015/01/20  2018542  ET CURRENT_EVENTS Possible Upatre SSL Cert;
15,617  2015/01/20  2018541  ET CURRENT_EVENTS PlugX/Destory HTTP traffic; [1
15,616  2015/01/20  2018540  ET CURRENT_EVENTS DRIVEBY FlashPack Flash Exploit flash0515.php;
15,615  2015/01/20  2018539  ET CURRENT_EVENTS TorExplorer Certificate - Potentially Linked To W32/Cryptowall.Ransomware; [1
15,614  2015/01/20  2018538  ET CURRENT_EVENTS tor2www .onion Proxy SSL cert;
15,613  2015/01/20  2018537  ET WEB_CLIENT Possible GnuTLS Client ServerHello SessionID Overflow CVE-2014-3466; [1
15,612  2015/01/20  2018536  ET CURRENT_EVENTS CottonCastle EK Landing EK Struct;
GigaVPN & GigaIPS are based on MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.