시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
11,5112015/01/20 2014283  ET TROJAN Trustezeb Checkin to CnC; [1
11,5102015/01/20 2014282  ET CURRENT_EVENTS Blackhole Download Secondary Request ?pagpag;  
11,5092015/01/20 2014281  ET CURRENT_EVENTS Blackhole Java Applet with Obfuscated URL 2;  
11,5082015/01/20 2014280  ET CURRENT_EVENTS Blackhole Acrobat 1-7 PDF exploit download request 6;  
11,5072015/01/20 2014279  ET CURRENT_EVENTS Blackhole Acrobat 8/9.3 PDF exploit download request 6;  
11,5062015/01/20 2014278  ET DELETED Blackhole Java Exploit request to /content/jav2.jar;  
11,5052015/01/20 2014277  ET POLICY DNS Query for try2check.me Carder Tool; [1,2
11,5042015/01/20 2014276  ET TROJAN W32/Rovnix Downloading Config File From CnC; [1
11,5032015/01/20 2014275  ET TROJAN W32/Rovnix Activity; [1
11,5022015/01/20 2014274  ET CURRENT_EVENTS Blackhole Tax Landing Page with JavaScript Attack;  
11,5012015/01/20 2014273  ET DELETED W32/DarkComet Second Stage Download Request; [1
11,5002015/01/20 2014272  ET TROJAN Win32/Cutwail.BE Checkin 2;  
11,4992015/01/20 2014271  ET TROJAN Win32/Cutwail.BE Checkin 1;  
11,4982015/01/20 2014270  ET TROJAN Backdoor.Win32.RShot Ping Outbound;  
11,4972015/01/20 2014269  ET TROJAN Backdoor.Win32.RShot HTTP Checkin;  
11,4962015/01/20 2014268  ET TROJAN Backdoor.Win32.RShot Checkin;  
11,4952015/01/20 2014267  ET TROJAN Query for Known Hostile *test.3322.org.cn Domain; [1
11,4942015/01/20 2014266  ET TROJAN Trojan.Win32.NfLog Checkin (TTip); [1
11,4932015/01/20 2014265  ET POLICY IP geo location service response;  
11,4922015/01/20 2014264  ET POLICY IP Geo Location Request;  
11,4912015/01/20 2014263  ET TROJAN W32/Pasta.IK Checkin;  
11,4902015/01/20 2014262  ET MALWARE AdWare.Win32.Sushi.au Checkin; [1
11,4892015/01/20 2014261  ET MALWARE W32/PlaySushi User-Agent;  
11,4882015/01/20 2014260  ET WEB_SPECIFIC_APPS Horde 3.3.12 Backdoor Attempt;  
11,4872015/01/20 2014259  ET WEB_SPECIFIC_APPS Joomla com_eventcal mosConfig_absolute_path Parameter Remote File inclusion Attempt; [1
11,4862015/01/20 2014258  ET WEB_SPECIFIC_APPS Joomla com_visa controller Local File Inclusion Attempt; [1
11,4852015/01/20 2014257  ET WEB_SPECIFIC_APPS pfile file.php id Parameter UPDATE SET SQL Injection Attempt; [1
11,4842015/01/20 2014256  ET WEB_SPECIFIC_APPS pfile file.php id Parameter INSERT INTO SQL Injection Attempt; [1
11,4832015/01/20 2014255  ET WEB_SPECIFIC_APPS pfile file.php id Parameter UNION SELECT SQL Injection Attempt; [1
11,4822015/01/20 2014254  ET WEB_SPECIFIC_APPS pfile file.php id Parameter DELETE FROM SQL Injection Attempt; [1
11,4812015/01/20 2014253  ET WEB_SPECIFIC_APPS pfile file.php id Parameter SELECT FROM SQL Injection Attempt; [1
11,4802015/01/20 2014252  ET WEB_SPECIFIC_APPS PHP Membership Site Manager Script key Parameter Cross Site Scripting Attempt; [1
11,4792015/01/20 2014251  ET WEB_SPECIFIC_APPS Grady Levkov id Parameter Cross Site Scripting Attempt; [1
11,4782015/01/20 2014250  ET WEB_SPECIFIC_APPS Joomla com_jreactions mosConfig_absolute_path Parameter Remote File inclusion Attempt; [1
11,4772015/01/20 2014249  ET MALWARE W32/GameplayLabs.Adware Installer Checkin;  
11,4762015/01/20 2014248  ET TROJAN Sefnit Checkin 5;  
11,4752015/01/20 2014247  ET TROJAN Sefnit Checkin 4;  
11,4742015/01/20 2014246  ET DELETED Sefnit Checkin 3;  
11,4732015/01/20 2014245  ET DELETED Blackhole Java Exploit request similar to /content/jav.jar;  
11,4722015/01/20 2014244  ET DELETED Blackhole Java applet with obfuscated URL 2;  
11,4712015/01/20 2014243  ET CURRENT_EVENTS DRIVEBY Java Rhino Scripting Engine Exploit Downloaded;  
11,4702015/01/20 2014242  ET DELETED TDS Trojan Stream request /stream?;  
11,4692015/01/20 2014241  ET DELETED DRIVEBY Generic - Java Exploit Obfuscated With Allatori;  
11,4682015/01/20 2014240  ET DELETED Win32/Cridex.B Self Signed SSL Certificate (root@ks310208.kimsufi.com);  
11,4672015/01/20 2014239  ET TROJAN W32.Duptwux/Ganelp FTP Username - onthelinux;  
11,4662015/01/20 2014238  ET CURRENT_EVENTS DRIVEBY Blackhole - Payload Download - about.exe;  
11,4652015/01/20 2014237  ET CURRENT_EVENTS DRIVEBY Blackhole - Payload Download - calc.exe;  
11,4642015/01/20 2014236  ET CURRENT_EVENTS DRIVEBY Blackhole - Payload Download - contacts.exe;  
11,4632015/01/20 2014235  ET CURRENT_EVENTS DRIVEBY Blackhole - Payload Download - info.exe;  
11,4622015/01/20 2014234  ET TROJAN Fareit/Pony Downloader Checkin 3; [1,2,3
< 311  312  313  314  315  316  317  318  319  320 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.