Signature List
No.  Date  ID  Signature (Total Ruleset: 27,111)
13,111  2015/01/20  2015964  ET CURRENT_EVENTS Unknown EK Landing URL;
13,110  2015/01/20  2015963  ET INFO PHISH Generic - Bank and Routing;
13,109  2015/01/20  2015962  ET CURRENT_EVENTS CritXPack Payload Request;
13,108  2015/01/20  2015961  ET CURRENT_EVENTS CritXPack PDF Request;
13,107  2015/01/20  2015960  ET CURRENT_EVENTS CritXPack Jar Request;
13,106  2015/01/20  2015959  ET SNMP Samsung Printer SNMP Hardcode RW Community String; [1
13,105  2015/01/20  2015958  ET TROJAN Lyposit Ransomware Checkin 2;
13,104  2015/01/20  2015957  ET TROJAN Lyposit Ransomware Checkin 1;
13,103  2015/01/20  2015956  ET CURRENT_EVENTS Serenity Exploit Kit Landing Page HTML Header;
13,102  2015/01/20  2015955  ET CURRENT_EVENTS PDF /FlateDecode and PDF version 1.1 (seen in pamdql EK);
13,101  2015/01/20  2015954  ET INFO PDF /FlateDecode and PDF version 1.0;
13,100  2015/01/20  2015953  ET WEB_SERVER PIWIK Backdored Version calls home; [1,2,3
13,099  2015/01/20  2015952  ET CURRENT_EVENTS PHISH Generic -SSN - ssn1 ssn2 ssn3;
13,098  2015/01/20  2015951  ET CURRENT_EVENTS SibHost Jar Request;
13,097  2015/01/20  2015950  ET CURRENT_EVENTS Propack Payload Request;
13,096  2015/01/20  2015949  ET CURRENT_EVENTS Propack Recent Jar (1);
13,095  2015/01/20  2015948  ET WEB_SPECIFIC_APPS Piwik Backdoor Access 2; [1
13,094  2015/01/20  2015947  ET WEB_SPECIFIC_APPS Piwik Backdoor Access; [1
13,093  2015/01/20  2015946  ET CURRENT_EVENTS CrimeBoss - Setup;
13,092  2015/01/20  2015945  ET CURRENT_EVENTS CrimeBoss - Stats Java On;
13,091  2015/01/20  2015944  ET CURRENT_EVENTS CrimeBoss - Stats Access;
13,090  2015/01/20  2015943  ET CURRENT_EVENTS Crimeboss - Java Exploit - Recent Jar (3);
13,089  2015/01/20  2015942  ET CURRENT_EVENTS CrimeBoss - Java Exploit - Recent Jar (2);
13,088  2015/01/20  2015941  ET CURRENT_EVENTS CrimeBoss - Java Exploit - Recent Jar (1);
13,087  2015/01/20  2015940  ET SCAN SFTP/FTP Password Exposure via sftp-config.json; [1
13,086  2015/01/20  2015939  ET CURRENT_EVENTS g01pack Exploit Kit .blogsite. Landing Page;
13,085  2015/01/20  2015938  ET CURRENT_EVENTS Unknown Banking PHISH - Login.php?LOB=RBG;
13,084  2015/01/20  2015937  ET WEB_SERVER WebShell - PostMan;
13,083  2015/01/20  2015936  ET CURRENT_EVENTS Nuclear Exploit Kit HTTP Off-port Landing Page Request;
13,082  2015/01/20  2015933  ET CURRENT_EVENTS Blackhole/Cool txt URI Struct;
13,081  2015/01/20  2015932  ET CURRENT_EVENTS Blackhole 2 Landing Page (7);
13,080  2015/01/20  2015931  ET CURRENT_EVENTS RedKit Exploit Kit vulnerable Java Payload Request to URI (2);
13,079  2015/01/20  2015930  ET CURRENT_EVENTS RedKit Exploit Kit Vulnerable Java Payload Request URI (1);
13,078  2015/01/20  2015929  ET CURRENT_EVENTS RedKit Exploit Kit Java Request to Recent jar (2);
13,077  2015/01/20  2015928  ET CURRENT_EVENTS RedKit Exploit Kit Java Request to Recent jar (1);
13,076  2015/01/20  2015927  ET CURRENT_EVENTS RedKit /h***.htm(l) Landing Page - Set;
13,075  2015/01/20  2015926  ET WEB_SERVER WebShell - Unknown - .php?x=img&img=;
13,074  2015/01/20  2015925  ET WEB_SERVER WebShell - Unknown - self-kill;
13,073  2015/01/20  2015924  ET WEB_SERVER WebShell - PHP eMailer;
13,072  2015/01/20  2015923  ET CURRENT_EVENTS Possible Glazunov Java payload request /5-digit;
13,071  2015/01/20  2015922  ET CURRENT_EVENTS Possible Glazunov Java exploit request /9-10-/4-5-digit;
13,070  2015/01/20  2015921  ET CURRENT_EVENTS Spam Campaign JPG CnC Link; [1
13,069  2015/01/20  2015920  ET WEB_SERVER WebShell - Generic - c99shell based POST structure w/multipart;
13,068  2015/01/20  2015919  ET WEB_SERVER WebShell - Generic - c99shell based header w/colons;
13,067  2015/01/20  2015918  ET WEB_SERVER WebShell - Generic - c99shell based header;
13,066  2015/01/20  2015917  ET WEB_SERVER WebShell - D.K - Title;
13,065  2015/01/20  2015916  ET CURRENT_EVENTS CoolEK Landing Pattern (2);
13,064  2015/01/20  2015915  ET CURRENT_EVENTS CoolEK Landing Pattern (1);
13,063  2015/01/20  2015914  ET CURRENT_EVENTS Remax - Other Creds;
13,062  2015/01/20  2015913  ET CURRENT_EVENTS Remax - Hotmail Creds;
GigaVPN & GigaIPS are based on MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.