시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
6,2112015/01/20 2008334  ET DELETED Beizhu/Womble/Vipdataend Checking in with Controller; [1
6,2102015/01/20 2008333  ET TROJAN Lop.gfr/Swizzor HTTP Update/Checkin (usually host-domain-lookup.com related); [1
6,2092015/01/20 2008332  ET TROJAN Steam Pass Stealer FTP Upload; [1
6,2082015/01/20 2008331  ET TROJAN Banker/Banbra Variant POST via x-www-form-urlencoded; [1
6,2072015/01/20 2008330  ET POLICY HTTP CONNECT Tunnel Attempt Outbound; [1
6,2062015/01/20 2008329  ET TROJAN xpsecuritycenter.com Fake AntiVirus GET-Install Checkin; [1,2
6,2052015/01/20 2008328  ET DELETED Banload iLLBrain Trojan Activity; [1
6,2042015/01/20 2008327  ET TROJAN Perfect Keylogger FTP Initial Install Log Upload (Null obfuscated); [1
6,2032015/01/20 2008326  ET DELETED Banker Infostealer/PRG POST on High Port; [1,2
6,2022015/01/20 2008324  ET TROJAN Zalupko/Koceg/Mandaph manda.php Checkin; [1,2,3,4
6,2012015/01/20 2008322  ET TROJAN FraudLoad.aww HTTP CnC Post; [1
6,2002015/01/20 2008321  ET TROJAN Win32.Small.AB or related Post-infection checkin; [1
6,1992015/01/20 2008320  ET TROJAN Banload Gadu-Gadu CnC Message Detected; [1
6,1982015/01/20 2008319  ET TROJAN Win32.Small.wpx or Related Downloader Posting Data; [1
6,1972015/01/20 2008318  ET MALWARE Adaware.BarACE Checkin and Update; [1,2
6,1962015/01/20 2008317  ET TROJAN Hitpop.AG/Pophot.az HTTP Checkin; [1
6,1952015/01/20 2008315  ET DELETED Iframe in Purported Image Download (png) - Likely SQL Injection Attacks Related; [1
6,1942015/01/20 2008314  ET WEB_CLIENT Iframe in Purported Image Download (gif) - Likely SQL Injection Attacks Related; [1
6,1932015/01/20 2008313  ET WEB_CLIENT Iframe in Purported Image Download (jpeg) - Likely SQL Injection Attacks Related; [1
6,1922015/01/20 2008312  ET SCAN DEBUG Method Request with Command; [1
6,1912015/01/20 2008311  ET SCAN Watchfire AppScan Web App Vulnerability Scanner; [1,2
6,1902015/01/20 2008310  ET TROJAN Codesoft PW Stealer Email Report Outbound; [1
6,1892015/01/20 2008309  ET CHAT GaduGadu Chat File Send Begin; [1,2
6,1882015/01/20 2008308  ET CHAT GaduGadu Chat File Send Accept; [1,2
6,1872015/01/20 2008307  ET CHAT GaduGadu Chat File Send Details; [1,2
6,1862015/01/20 2008306  ET CHAT GaduGadu Chat File Send Request; [1,2
6,1852015/01/20 2008305  ET CHAT GaduGadu Chat Keepalive PONG; [1,2
6,1842015/01/20 2008304  ET CHAT GaduGadu Chat Keepalive PING; [1,2
6,1832015/01/20 2008303  ET CHAT GaduGadu Chat Receive Message; [1,2
6,1822015/01/20 2008302  ET CHAT GaduGadu Chat Send Message; [1,2
6,1812015/01/20 2008301  ET CHAT GaduGadu Chat Server Available Status Packet; [1,2
6,1802015/01/20 2008300  ET CHAT GaduGadu Chat Server Login Failed Packet; [1,2
6,1792015/01/20 2008299  ET CHAT GaduGadu Chat Server Login OK Packet; [1,2
6,1782015/01/20 2008298  ET CHAT GaduGadu Chat Client Login Packet; [1,2
6,1772015/01/20 2008297  ET CHAT GaduGadu Chat Server Welcome Packet; [1,2
6,1762015/01/20 2008295  ET CHAT Gadu-Gadu IM Login Server Request; [1,2
6,1752015/01/20 2008294  ET MALWARE AntiSpywareMaster.com Fake AV User-Agent (AsmUpdater); [1
6,1742015/01/20 2008292  ET TROJAN Win32.Onlinegames.ajok CnC Packet from Server; [1
6,1732015/01/20 2008291  ET TROJAN Win32.Onlinegames.ajok CnC Packet to Server; [1
6,1722015/01/20 2008289  ET CHAT Possible MSN Messenger File Transfer; [1,2
6,1712015/01/20 2008285  ET TROJAN RLPacked Binary - Likely Hostile; [1,2,3
6,1702015/01/20 2008284  ET POLICY Inbound HTTP CONNECT Attempt on Off-Port; [1
6,1692015/01/20 2008283  ET TROJAN Banload HTTP Checkin Detected (quem=); [1
6,1682015/01/20 2008282  ET MALWARE Antispywaremaster.com/Privacyprotector.com Fake AV Checkin; [1
6,1672015/01/20 2008280  ET TROJAN 3alupKo/Win32.Socks.n Related Checkin URL; [1
6,1662015/01/20 2008279  ET MALWARE ZenoSearch Spyware User-Agent; [1
6,1652015/01/20 2008278  ET DELETED Generic Raider Obfuscated VBScript; [1,2
6,1642015/01/20 2008277  ET TROJAN Pakes Winifixer.com Related Checkin URL; [1
6,1632015/01/20 2008276  ET TROJAN Suspicious User-Agent (contains loader); [1
6,1622015/01/20 2008275  ET TROJAN Hitpop Checkin; [1,2
< 411  412  413  414  415  416  417  418  419  420 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.