시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
6,3612015/01/20 2008512  ET TROJAN Suspicious User-Agent (C slash);  
6,3602015/01/20 2008511  ET TROJAN Win32/Antivirus2008 Fake AV Install Report; [1
6,3592015/01/20 2008510  ET TROJAN Suspicious User-Agent - Possible Trojan Downloader (\xa2\xa2HttpClient); [1
6,3582015/01/20 2008509  ET TROJAN VirtualProtect Packed Binary - Likely Hostile; [1,2
6,3572015/01/20 2008507  ET TROJAN Backdoor.Win32.VB.fdi Bot Reporting to Controller; [1
6,3562015/01/20 2008506  ET TROJAN Trojan-PWS.Win32.VB.tr Checkin Detected; [1
6,3552015/01/20 2008504  ET TROJAN Suspicious User-Agent (SUiCiDE/1.5); [1
6,3542015/01/20 2008503  ET MALWARE ZCOM Adware/Spyware User-Agent (ZCOM Software);  
6,3532015/01/20 2008502  ET TROJAN Antispywareexpert.com Fake AS Install Checkin; [1
6,3522015/01/20 2008500  ET MALWARE Sogoul.com Spyware User-Agent (SogouIMEMiniSetup); [1
6,3512015/01/20 2008495  ET TROJAN Suspicious User-Agent (antispyprogram); [1
6,3502015/01/20 2008494  ET TROJAN Suspicious User-Agent (ieagent); [1
6,3492015/01/20 2008493  ET TROJAN Pushdo Checkin; [1
6,3482015/01/20 2008492  ET TROJAN Win32.Downloader.pgp Checkin; [1
6,3472015/01/20 2008491  ET DELETED Banker.OT Checkin (2 packet); [1
6,3462015/01/20 2008490  ET TROJAN Dialer.Win32.E-Group.n Checkin; [1
6,3452015/01/20 2008489  ET POLICY Suspicious User-Agent (dwplayer); [1
6,3442015/01/20 2008488  ET TROJAN Suspicious User-Agent (NULL); [1
6,3432015/01/20 2008485  ET MALWARE Searchtool.co.kr Fake Product User-Agent (searchtoolup); [1
6,3422015/01/20 2008484  ET MALWARE Cleancop.co.kr Fake AV User-Agent (CleancopUpdate); [1
6,3412015/01/20 2008483  ET TROJAN Win32/Antivirus2008; [1
6,3402015/01/20 2008482  ET TROJAN thespybot.com installation download detected; [1
6,3392015/01/20 2008481  ET TROJAN Trojan-PSW.Win32.Nilage.crg Checkin; [1
6,3382015/01/20 2008477  ET TROJAN Banload POST Checkin (dados); [1
6,3372015/01/20 2008476  ET EXPLOIT Foofus.net Password dumping, dll injection; [1,2
6,3362015/01/20 2008475  ET DNS Query Responses with 3 RR's set (50 in 2 seconds) - possible A RR Cache Poisoning Attempt; [1,2
6,3352015/01/20 2008474  ET MALWARE Adware.Look2Me Activity; [1
6,3342015/01/20 2008473  ET TROJAN HotLan.C Spambot Trojan Activity; [1
6,3332015/01/20 2008472  ET POLICY Netviewer.com Remote Control Proxy Test; [1
6,3322015/01/20 2008471  ET TROJAN HotLan.C Spambot C&C download command; [1
6,3312015/01/20 2008470  ET DNS Excessive NXDOMAIN responses - Possible DNS Backscatter or Domain Generation Algorithm Lookups; [1
6,3302015/01/20 2008469  ET DELETED LDPinch Checkin v2; [1
6,3292015/01/20 2008468  ET DELETED LDPinch Checkin Flowbit set; [1
6,3282015/01/20 2008467  ET WEB_SERVER Possible SQL Injection Attempt Danmec related (declare); [1
6,3272015/01/20 2008465  ET TROJAN Backdoor Possible Backdoor.Cow Varient (Backdoor.Win32.Agent.lam) C&C traffic; [1
6,3262015/01/20 2008464  ET TROJAN Suspicious User-Agent (adsntD); [1
6,3252015/01/20 2008463  ET TROJAN Suspicious User-Agent (ieguideupdate); [1
6,3242015/01/20 2008461  ET TROJAN Rouge Security Software Win32.BHO.egw; [1,2
6,3232015/01/20 2008460  ET TROJAN Suspicious User-Agent (hacker); [1
6,3222015/01/20 2008458  ET TROJAN Downloader UserAgent(AutoDL\/1.0); [1
6,3212015/01/20 2008457  ET MALWARE Deepdo Toolbar User-Agent (FavUpdate); [1,2
6,3202015/01/20 2008456  ET MALWARE EMO/PCPrivacyCleaner Rougue Secuirty App GET Checkin; [1,2
6,3192015/01/20 2008455  ET SCAN Tomcat Auth Brute Force attempt (manager); [1
6,3182015/01/20 2008454  ET SCAN Tomcat Auth Brute Force attempt (tomcat); [1
6,3172015/01/20 2008453  ET SCAN Tomcat Auth Brute Force attempt (admin); [1
6,3162015/01/20 2008452  ET DELETED Emo/Downloader.uxk checkin; [1
6,3152015/01/20 2008451  ET TROJAN Donbot Report to CnC; [1,2,3
6,3142015/01/20 2008450  ET TROJAN Donbot Connect to CnC; [1,2,3
6,3132015/01/20 2008449  ET TROJAN Keylogger.ane Checkin; [1
6,3122015/01/20 2008447  ET DNS Query Responses with 3 RR's set (50 in 2 seconds) - possible NS RR Cache Poisoning Attempt; [1,2
< 411  412  413  414  415  416  417  418  419  420 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.