시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
12,0112015/01/20 2014822  ET TROJAN Possible SKyWIper/Win32.Flame POST; [1
12,0102015/01/20 2014821  ET CURRENT_EVENTS Blackhole RawValue Specific Exploit PDF;  
12,0092015/01/20 2014820  ET CURRENT_EVENTS Blackhole Landing Page Obfuscated Javascript Blob;  
12,0082015/01/20 2014819  ET INFO Packed Executable Download;  
12,0072015/01/20 2014818  ET TROJAN Possible SKyWIper/Win32.Flame UA; [1
12,0062015/01/20 2014817  ET USER_AGENTS W32/Renos.Downloader User Agent zeroup; [1
12,0052015/01/20 2014816  ET TROJAN Rogue.Win32/Winwebsec Install 2;  
12,0042015/01/20 2014815  ET WEB_SPECIFIC_APPS Joomla com_acooldebate controller parameter Local File Inclusion Attempt; [1
12,0032015/01/20 2014814  ET WEB_SPECIFIC_APPS Joomla Component JE Story Submit view parameter Local File Inclusion Attempt; [1
12,0022015/01/20 2014813  ET WEB_SPECIFIC_APPS WordPress LeagueManager plugin season parameter Cross-Site Scripting Attempt; [1
12,0012015/01/20 2014812  ET WEB_SPECIFIC_APPS WordPress LeagueManager plugin group parameter Cross-Site Scripting Attempt; [1
12,0002015/01/20 2014811  ET WEB_SPECIFIC_APPS WordPress Dynamic Widgets plugin id parameter Cross-Site Scripting Attempt; [1
11,9992015/01/20 2014810  ET MALWARE Malicious pusk.exe download;  
11,9982015/01/20 2014809  ET ACTIVEX Possible IBM Lotus Quickr for Domino ActiveX control Import_Times Method Access buffer overflow Attempt; [1
11,9972015/01/20 2014808  ET ACTIVEX Possible IBM Lotus Quickr for Domino ActiveX control Attachment_Times Method Access buffer overflow Attempt; [1
11,9962015/01/20 2014807  ET ACTIVEX Possible SkinCrafter ActiveX Control InitLicenKeys Method Access Buffer Overflow 2; [1
11,9952015/01/20 2014806  ET ACTIVEX Possible SkinCrafter ActiveX Control InitLicenKeys Method Access Buffer Overflow; [1
11,9942015/01/20 2014805  ET CURRENT_EVENTS Unknown java_ara Bin Download;  
11,9932015/01/20 2014804  ET TROJAN VBS/Wimmie.A Checkin; [1,2,3
11,9922015/01/20 2014803  ET TROJAN VBS/Wimmie.A Set; [1,2,3
11,9912015/01/20 2014802  ET CURRENT_EVENTS Fragus Exploit jar Download;  
11,9902015/01/20 2014801  ET CURRENT_EVENTS Blackhole Try App.title Catch - May 22nd 2012; [1
11,9892015/01/20 2014800  ET DELETED Blackhole Landing Page getElementByID Qwe - May 22nd 2012; [1
11,9882015/01/20 2014799  ET POLICY OpenVPN Update Check;  
11,9872015/01/20 2014798  ET MALWARE PCMightyMax Agent PCMM.Installer;  
11,9862015/01/20 2014797  ET TROJAN ZeuS Ransomware win_unlock; [1
11,9852015/01/20 2014796  ET DELETED Win32/Thetatic.A Checkin;  
11,9842015/01/20 2014795  ET TROJAN Win32/Thetatic.A Client POST CMD result;  
11,9832015/01/20 2014794  ET TROJAN Win32/Thetatic.A Client POST Get CMD Checkin;  
11,9822015/01/20 2014793  ET TROJAN Win32/MultiPasswordRecovery.A cs-crash PWS;  
11,9812015/01/20 2014792  ET INFO DYNAMIC_DNS HTTP Request to a 3322.net Domain *.9966.org;  
11,9802015/01/20 2014791  ET INFO DYNAMIC_DNS HTTP Request to a 3322.net Domain *.8800.org;  
11,9792015/01/20 2014790  ET INFO DYNAMIC_DNS HTTP Request to a 3322.net Domain *.7766.org;  
11,9782015/01/20 2014789  ET INFO DYNAMIC_DNS HTTP Request to a 3322.net Domain *.6600.org;  
11,9772015/01/20 2014788  ET INFO DYNAMIC_DNS HTTP Request to a 3322.net Domain *.3322.net;  
11,9762015/01/20 2014787  ET INFO DYNAMIC_DNS HTTP Request to a 3322.net Domain *.2288.org;  
11,9752015/01/20 2014786  ET INFO DYNAMIC_DNS Query to 3322.net Domain *.9966.org;  
11,9742015/01/20 2014784  ET INFO DYNAMIC_DNS Query to 3322.net Domain *.8800.org;  
11,9732015/01/20 2014783  ET INFO DYNAMIC_DNS Query to 3322.net Domain *.7766.org;  
11,9722015/01/20 2014782  ET INFO DYNAMIC_DNS Query to 3322.net Domain *.6600.org;  
11,9712015/01/20 2014781  ET INFO DYNAMIC_DNS Query to 3322.net Domain *.3322.net;  
11,9702015/01/20 2014779  ET INFO DYNAMIC_DNS Query to 3322.net Domain *.2288.org;  
11,9692015/01/20 2014778  ET TROJAN Bebloh connectivity check;  
11,9682015/01/20 2014777  ET TROJAN Kazy/Kryptic Checkin with Opera/9 User-Agent; [1,2
11,9672015/01/20 2014776  ET CURRENT_EVENTS Blackhole PDF Payload Request With Double Colon;  
11,9662015/01/20 2014775  ET CURRENT_EVENTS Blackhole PDF Payload Request;  
11,9652015/01/20 2014774  ET CURRENT_EVENTS Blackhole Malicious PDF qweqwe=; [1
11,9642015/01/20 2014773  ET CURRENT_EVENTS Blackhole Landing Page JavaScript Split String Obfuscation of CharCode;  
11,9632015/01/20 2014772  ET WEB_SPECIFIC_APPS Joomla com_media file parameter Local File Inclusion Attempt; [1
11,9622015/01/20 2014771  ET WEB_SPECIFIC_APPS Joomla Appointment Booking Pro view parameter Local File Inclusion Attempt; [1
< 301  302  303  304  305  306  307  308  309  310 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.