시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
15,4612015/01/20 2018376  ET CURRENT_EVENTS TLS HeartBeat Request (Client Initiated) fb set; [1,2,3
15,4602015/01/20 2018375  ET CURRENT_EVENTS TLS HeartBeat Request (Server Initiated) fb set; [1,2,3
15,4592015/01/20 2018374  ET CURRENT_EVENTS Malformed HeartBeat Request method 2; [1,2,3
15,4582015/01/20 2018373  ET CURRENT_EVENTS Malformed HeartBeat Response; [1,2,3
15,4572015/01/20 2018372  ET CURRENT_EVENTS Malformed HeartBeat Request; [1,2,3
15,4562015/01/20 2018371  ET WEB_SERVER ATTACKER WebShell - Zehir4.asp - content; [1,2
15,4552015/01/20 2018370  ET WEB_SERVER ATTACKER WebShell - Zehir4.asp; [1,2
15,4542015/01/20 2018369  ET WEB_SERVER WEBSHELL K-Shell/ZHC Shell 1.0/Aspx Shell Backdoor NetCat_Listener; [1,2
15,4532015/01/20 2018368  ET MALWARE W32/PullUpdate.Adware CnC Beacon;  
15,4522015/01/20 2018367  ET MALWARE W32/iBryte.Adware Affiliate Campaign Executable Download;  
15,4512015/01/20 2018366  ET INFO DYNAMIC_DNS Query to a *.mrbasic.com Domain;  
15,4502015/01/20 2018365  ET INFO DYNAMIC_DNS HTTP Request to a *.mrbasic.com Domain;  
15,4492015/01/20 2018364  ET CURRENT_EVENTS SUSPICIOUS OVH Shared Host SSL Certificate (Observed In Use by Some Trojans); [1
15,4482015/01/20 2018363  ET CURRENT_EVENTS DRIVEBY Nuclear EK PDF;  
15,4472015/01/20 2018362  ET CURRENT_EVENTS DRIVEBY Nuclear EK SWF;  
15,4462015/01/20 2018361  ET CURRENT_EVENTS DRIVEBY Nuclear EK SWF Struct;  
15,4452015/01/20 2018360  ET CURRENT_EVENTS DRIVEBY Nuclear EK SWF Struct;  
15,4442015/01/20 2018359  ET INFO GENERIC SUSPICIOUS POST to Dotted Quad with Fake Browser 2;  
15,4432015/01/20 2018358  ET INFO GENERIC SUSPICIOUS POST to Dotted Quad with Fake Browser 1;  
15,4422015/01/20 2018357  ET CURRENT_EVENTS EvilTDS Redirection;  
15,4412015/01/20 2018356  ET CURRENT_EVENTS Win32.RBrute http response; [1
15,4402015/01/20 2018355  ET CURRENT_EVENTS Win32.RBrute http server request; [1
15,4392015/01/20 2018354  ET CURRENT_EVENTS Win32.RBrute Scan (incoming); [1
15,4382015/01/20 2018353  ET CURRENT_EVENTS Win32.RBrute Scan (Outgoing); [1
15,4372015/01/20 2018352  ET CURRENT_EVENTS Possible FakeAV binary download (setup);  
15,4362015/01/20 2018351  ET CURRENT_EVENTS Upatre SSL Compromised site kionic; [1
15,4352015/01/20 2018350  ET CURRENT_EVENTS Upatre SSL Compromised site potpourriflowers;  
15,4342015/01/20 2018348  ET CURRENT_EVENTS Possible Deep Panda WateringHole Related URI Struct;  
15,4332015/01/20 2018346  ET CURRENT_EVENTS DRIVEBY Angler EK Landing Apr 01 2014;  
15,4322015/01/20 2018345  ET TROJAN W32/SpeedingUpMyPC.Rootkit Successful Install GET Type CnC Beacon;  
15,4312015/01/20 2018344  ET CURRENT_EVENTS Hikvision DVR Synology Recon Scan Checkin; [1
15,4302015/01/20 2018343  ET CURRENT_EVENTS Hikvision DVR attempted Synology Recon Scan; [1
15,4292015/01/20 2018342  ET CURRENT_EVENTS DRIVEBY Goon/Infinity EK Landing Mar 31 2014;  
15,4282015/01/20 2018341  ET TROJAN Kazy Checkin; [1
15,4272015/01/20 2018340  ET TROJAN Win32.Sality-GR Checkin;  
15,4262015/01/20 2018339  ET MALWARE W32/DownloadAdmin.Adware Executable Download Request; [1
15,4252015/01/20 2018338  ET MALWARE W32/DownloadAdmin.Adware CnC Beacon; [1
15,4242015/01/20 2018337  ET CURRENT_EVENTS DRIVEBY Goon/Infinity EK Landing Mar 31 2014;  
15,4232015/01/20 2018336  ET TROJAN Asprox Fake Ximian Evolution X-Mailer Header (XimianEvolution1.4.6); [1,2
15,4222015/01/20 2018334  ET CURRENT_EVENTS PHISH Generic - Landing Page - saved from https comment and form;  
15,4212015/01/20 2018333  ET MALWARE W32/Amonetize.Downloader Executable Download Request;  
15,4202015/01/20 2018332  ET TROJAN W32/SpeedingUpMyPC.Rootkit CnC Beacon;  
15,4192015/01/20 2018331  ET TROJAN W32/SpeedingUpMyPC.Rootkit Install CnC Beacon;  
15,4182015/01/20 2018330  ET CURRENT_EVENTS DRIVEBY Possible CritX/SafePack/FlashPack IE Exploit;  
15,4172015/01/20 2018329  ET CURRENT_EVENTS Payload Filename Used in Various 2014-0322 Attacks;  
15,4162015/01/20 2018328  ET DELETED Win32/Kryptik.AZER C2 SSL Stolen Cert;  
15,4152015/01/20 2018327  ET DELETED JCE Joomla Extension User-Agent (BOT); [1,2
15,4142015/01/20 2018326  ET WEB_SPECIFIC_APPS JCE Joomla Extension; [1,2
15,4132015/01/20 2018325  ET TROJAN Bozok.RAT checkin; [1
15,4122015/01/20 2018324  ET MALWARE SoundCloud Downloader Install Beacon; [1
< 231  232  233  234  235  236  237  238  239  240 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.