시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
12,9612015/01/20 2015808  ET TROJAN Taidoor Checkin;  
12,9602015/01/20 2015807  ET TROJAN Backdoor.Win32.Pushdo.s Checkin;  
12,9592015/01/20 2015806  ET TROJAN Mini-Flame v 5.x C2 HTTP request; [1
12,9582015/01/20 2015805  ET TROJAN Mini-Flame v 4.x C2 HTTP request; [1
12,9572015/01/20 2015804  ET CURRENT_EVENTS BlackHole 2 PDF Exploit; [1
12,9562015/01/20 2015803  ET CURRENT_EVENTS Possible Blackhole/Cool Landing URI Struct; [1
12,9552015/01/20 2015802  ET CURRENT_EVENTS Blackhole 2 Landing Page (5);  
12,9542015/01/20 2015801  ET DELETED pamdql obfuscated javascript -_-- padding;  
12,9532015/01/20 2015800  ET TROJAN Dorkbot GeoIP Lookup to wipmania;  
12,9522015/01/20 2015799  ET TROJAN Win32.Fareit.A/Pony Downloader Checkin (2); [1,2,3,4,5,6
12,9512015/01/20 2015798  ET CURRENT_EVENTS Blackhole/Cool EXE URI Struct;  
12,9502015/01/20 2015797  ET CURRENT_EVENTS Blackhole 2 Landing Page (3);  
12,9492015/01/20 2015796  ET CURRENT_EVENTS Blackhole/Cool Jar URI Struct;  
12,9482015/01/20 2015795  ET TROJAN Winlock.6870 SSL Cert;  
12,9472015/01/20 2015794  ET WEB_SPECIFIC_APPS PhpTax Possible Remote Code Exec;  
12,9462015/01/20 2015793  ET CURRENT_EVENTS Scalaxy Java Exploit 10/11/12;  
12,9452015/01/20 2015792  ET CURRENT_EVENTS Scalaxy Secondary Landing Page 10/11/12;  
12,9442015/01/20 2015791  ET POLICY archive.org heritix Crawler User-Agent (Outbound); [1
12,9432015/01/20 2015790  ET WEB_CLIENT Microsoft Rich Text File download - SET;  
12,9422015/01/20 2015789  ET CURRENT_EVENTS BegOpEK - TDS - icon.php;  
12,9412015/01/20 2015788  ET CURRENT_EVENTS BegOpEK - Landing Page;  
12,9402015/01/20 2015787  ET CURRENT_EVENTS Blackhole/Cool eot URI Struct;  
12,9392015/01/20 2015786  ET TROJAN Ransom.Win32.Birele.gsg Checkin;  
12,9382015/01/20 2015785  ET DELETED pamdql obfuscated javascript _222_ padding;  
12,9372015/01/20 2015783  ET CURRENT_EVENTS BegOp Exploit Kit Payload;  
12,9362015/01/20 2015782  ET CURRENT_EVENTS Magnitude EK (formerly Popads) Other Java Exploit Kit 32-32 byte hex hostile jar;  
12,9352015/01/20 2015781  ET CURRENT_EVENTS Unknown Java Exploit Kit 32-32 byte hex initial landing;  
12,9342015/01/20 2015780  ET TROJAN Zbot UA;  
12,9332015/01/20 2015759  ET CURRENT_EVENTS Blackhole Java Exploit Recent Jar (4);  
12,9322015/01/20 2015758  ET CURRENT_EVENTS g01pack Exploit Kit Landing Page (2);  
12,9312015/01/20 2015757  ET POLICY AskSearch Toolbar Spyware User-Agent (AskTBar) 2;  
12,9302015/01/20 2015756  ET TROJAN Trojan Downloader GetBooks UA;  
12,9292015/01/20 2015755  ET WEB_SERVER Image Content-Type with Obfuscated PHP (Seen with C99 Shell); [1
12,9282015/01/20 2015754  ET SCAN Nessus Netbios Scanning; [1
12,9272015/01/20 2015753  ET TROJAN Pincav.cjvb Checkin;  
12,9262015/01/20 2015752  ET DELETED Windows EXE with alternate byte XOR 51 - possible SofosFO/NeoSploit download;  
12,9252015/01/20 2015751  ET DELETED SofosFO/NeoSploit possible landing page 10/01/12 (2);  
12,9242015/01/20 2015750  ET DELETED SofosFO/NeoSploit possible landing page 10/01/12;  
12,9232015/01/20 2015749  ET WEB_SERVER Possible Oracle SQL Injection utl_inaddr call in URI;  
12,9222015/01/20 2015748  ET TROJAN Fake Anti-Hacking Tool; [1
12,9212015/01/20 2015747  ET WEB_SPECIFIC_APPS Possible JBoss/JMX InvokerServlet Auth Bypass Attempt; [1
12,9202015/01/20 2015745  ET INFO EXE CheckRemoteDebuggerPresent (Used in Malware Anti-Debugging);  
12,9192015/01/20 2015744  ET INFO EXE IsDebuggerPresent (Used in Malware Anti-Debugging);  
12,9182015/01/20 2015743  ET INFO Revoked Adobe Code Signing Certificate Seen; [1
12,9172015/01/20 2015742  ET TROJAN SSL Cert Used In Unknown Exploit Kit;  
12,9162015/01/20 2015741  ET TROJAN DNS Query to Unknown CnC DGA Domain adbullion.com 09/26/12;  
12,9152015/01/20 2015740  ET CURRENT_EVENTS MALVERTISING - Redirect To Blackhole - Push JavaScript;  
12,9142015/01/20 2015739  ET DELETED pamdql applet with obfuscated URL;  
12,9132015/01/20 2015738  ET CURRENT_EVENTS pamdql obfuscated javascript --- padding;  
12,9122015/01/20 2015737  ET WEB_SERVER PHPMyAdmin BackDoor Access; [1
< 281  282  283  284  285  286  287  288  289  290 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.