시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
12,8112015/01/20 2015633  ET INFO DYNAMIC_DNS Query to Abused Domain *.mooo.com;  
12,8102015/01/20 2015632  ET TROJAN Shamoon/Wiper/DistTrack Checkin; [1,2,3
12,8092015/01/20 2015631  ET DELETED Possible XDocCrypt/Dorifel Checkin; [1
12,8082015/01/20 2015630  ET DELETED Possible XDocCrypt/Dorifel CnC IP; [1
12,8072015/01/20 2015629  ET DELETED Cridex Response from exfiltrated data upload; [1,2
12,8062015/01/20 2015628  ET DELETED Backdoor.Win32.Gh0st Checkin (7 Byte keyword); [1,2,3,4,5
12,8052015/01/20 2015627  ET DELETED Backdoor.Win32.Gh0st Checkin (6 Byte keyword); [1,2,3,4,5
12,8042015/01/20 2015625  ET WEB_SERVER Magento XMLRPC-Exploit Attempt; [1,2,3
12,8032015/01/20 2015623  ET TROJAN Urlzone/Bebloh/Bublik Checkin /was/uid.php; [1,2,3,4
12,8022015/01/20 2015622  ET CURRENT_EVENTS Blackhole Landing Page Hwehes String - August 13th 2012;  
12,8012015/01/20 2015621  ET DELETED Blackhole Landing Page ChildNodes.Length - August 13th 2012;  
12,8002015/01/20 2015620  ET DELETED Blackhole Landing Page JavaScript Replace - 13th August 2012;  
12,7992015/01/20 2015619  ET CURRENT_EVENTS Blackhole/Cool jnlp URI Struct;  
12,7982015/01/20 2015618  ET TROJAN DNS Query Gauss Domain *.datajunction.org; [1
12,7972015/01/20 2015617  ET TROJAN Smardf/Boaxxe GET to cc.php3;  
12,7962015/01/20 2015616  ET TROJAN DOCHTML C&C http directive in HTML comments; [1
12,7952015/01/20 2015615  ET WEB_SPECIFIC_APPS WordPress LiveGrounds plugin uid parameter Cross-Site Script Attempt; [1
12,7942015/01/20 2015614  ET WEB_SPECIFIC_APPS BaglerCMS articleID parameter Cross-Site Script Attempt; [1
12,7932015/01/20 2015613  ET WEB_SPECIFIC_APPS dirLIST thumb_gen.php Local File Inclusion Attempt; [1
12,7922015/01/20 2015612  ET WEB_SPECIFIC_APPS dirLIST show_scaled_image.php Local File Inclusion Attempt; [1
12,7912015/01/20 2015611  ET WEB_SPECIFIC_APPS Joomla je-media-player view parameter Local File Inclusion Attempt; [1
12,7902015/01/20 2015610  ET WEB_SPECIFIC_APPS WordPress Lanoba Social plugin action parameter Cross-Site Script Attempt; [1
12,7892015/01/20 2015609  ET WEB_SPECIFIC_APPS WordPress Advanced Text Widget plugin page parameter Cross-Site Script Attempt; [1
12,7882015/01/20 2015608  ET ACTIVEX Possible Kazaa Altnet Download Manager ActiveX Control Install Method Access Buffer Overflow; [1
12,7872015/01/20 2015607  ET ACTIVEX Possible HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution 2; [1
12,7862015/01/20 2015606  ET ACTIVEX Possible HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution; [1
12,7852015/01/20 2015605  ET CURRENT_EVENTS DRIVEBY SPL - Landing Page Received;  
12,7842015/01/20 2015604  ET CURRENT_EVENTS DRIVEBY SPL - Java Exploit Requested .jar Naming Pattern;  
12,7832015/01/20 2015603  ET CURRENT_EVENTS DRIVEBY SPL - Java Exploit Requested - /spl_data/;  
12,7822015/01/20 2015602  ET TROJAN DNS Query Gauss Domain *.guest-access.net; [1
12,7812015/01/20 2015601  ET TROJAN DNS Query Gauss Domain *.dataspotlight.net; [1
12,7802015/01/20 2015600  ET TROJAN DNS Query Gauss Domain *.dotnetadvisor.info; [1
12,7792015/01/20 2015599  ET TROJAN DNS Query Gauss Domain *.bestcomputeradvisor.com; [1
12,7782015/01/20 2015598  ET TROJAN DNS Query Gauss Domain *.secuurity.net; [1
12,7772015/01/20 2015597  ET TROJAN DNS Query Gauss Domain *.gowin7.com; [1
12,7762015/01/20 2015596  ET DELETED Unknown .rr.nu Malware landing page; [1
12,7752015/01/20 2015595  ET TROJAN FinFisher Malware Connection Handshake; [1
12,7742015/01/20 2015594  ET TROJAN FinFisher Malware Connection Initialization; [1
12,7732015/01/20 2015593  ET CURRENT_EVENTS Sutra TDS /simmetry; [1
12,7722015/01/20 2015592  ET DELETED Blackhole Specific JavaScript Replace hwehes - 8th August 2012;  
12,7712015/01/20 2015591  ET DELETED Potential Blackhole Zeus Drop - 8th August 2012;  
12,7702015/01/20 2015590  ET DELETED Blackhole Landing Page Intial Structure - 8th August 2012;  
12,7692015/01/20 2015589  ET POLICY Suspicious Windows Executable CreateRemoteThread; [1,2,3
12,7682015/01/20 2015588  ET POLICY Suspicious Windows Executable WriteProcessMemory; [1,2,3
12,7672015/01/20 2015587  ET TROJAN MP-FormGrabber Checkin; [1
12,7662015/01/20 2015586  ET CURRENT_EVENTS Blackhole Redirection Page Try Math.Round Catch - 7th August 2012;  
12,7652015/01/20 2015585  ET CURRENT_EVENTS FoxxySoftware - Hit Counter Access; [1
12,7642015/01/20 2015584  ET CURRENT_EVENTS FoxxySoftware - Comments(2); [1
12,7632015/01/20 2015583  ET CURRENT_EVENTS FoxxySoftware - Comments; [1
12,7622015/01/20 2015582  ET DELETED Blackhole Redirection Page You Will Be Forwarded - 7th August 2012;  
< 281  282  283  284  285  286  287  288  289  290 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.