시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
14,6612015/01/20 2017557  ET CURRENT_EVENTS Possible Java CVE-2013-1488 java.sql.Drivers Service Object in JAR; [1,2
14,6602015/01/20 2017556  ET CURRENT_EVENTS BlackHole EK Variant PDF Download;  
14,6592015/01/20 2017555  ET CURRENT_EVENTS DotkaChef EK initial landing from Oct 02 2013 mass-site compromise EK campaign;  
14,6582015/01/20 2017554  ET CURRENT_EVENTS BHEK Payload Download (java only alternate method may overlap with 2017454);  
14,6572015/01/20 2017553  ET CURRENT_EVENTS HiMan EK Reporting Host/Exploit Info;  
14,6562015/01/20 2017552  ET CURRENT_EVENTS Cushion Redirection; [1
14,6552015/01/20 2017551  ET CURRENT_EVENTS Obfuscated http 2 digit sep in applet (Seen in HiMan EK);  
14,6542015/01/20 2017550  ET CURRENT_EVENTS HiMan EK Landing Oct 1 2013;  
14,6532015/01/20 2017549  ET CURRENT_EVENTS Fake MS Security Update (Jar);  
14,6522015/01/20 2017548  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 3; [1,2
14,6512015/01/20 2017547  ET CURRENT_EVENTS CoolEK Jar Download Sep 30 2013;  
14,6502015/01/20 2017546  ET CURRENT_EVENTS Possible FortDisco POP3 Site list download; [1
14,6492015/01/20 2017545  ET CURRENT_EVENTS Sweet Orange Landing with Applet Sep 30 2013;  
14,6482015/01/20 2017544  ET CURRENT_EVENTS LightsOut EK POST Compromise POST; [1
14,6472015/01/20 2017543  ET CURRENT_EVENTS Possible LightsOut EK gami.jar; [1
14,6462015/01/20 2017542  ET CURRENT_EVENTS Possible LightsOut EK gami.html; [1
14,6452015/01/20 2017541  ET CURRENT_EVENTS Possible LightsOut EK inden2i.php; [1
14,6442015/01/20 2017540  ET CURRENT_EVENTS Possible LightsOut EK erno_rfq.html; [1
14,6432015/01/20 2017539  ET CURRENT_EVENTS Possible LightsOut EK stoq.jar; [1
14,6422015/01/20 2017538  ET CURRENT_EVENTS Possible LightsOut EK start.jar; [1
14,6412015/01/20 2017537  ET CURRENT_EVENTS Possible LightsOut EK leks.jar; [1
14,6402015/01/20 2017536  ET CURRENT_EVENTS Possible LightsOut EK negq.html; [1
14,6392015/01/20 2017535  ET CURRENT_EVENTS Possible LightsOut EK negc.html; [1
14,6382015/01/20 2017534  ET CURRENT_EVENTS Possible LightsOut EK leks.html; [1
14,6372015/01/20 2017533  ET CURRENT_EVENTS Possible LightsOut EK sort.html; [1
14,6362015/01/20 2017532  ET CURRENT_EVENTS Possible LightsOut EK inden2i.html; [1
14,6352015/01/20 2017531  ET CURRENT_EVENTS Possible LightsOut EK info3i.php; [1
14,6342015/01/20 2017530  ET CURRENT_EVENTS Possible LightsOut EK info3i.html; [1
14,6332015/01/20 2017529  ET CURRENT_EVENTS LightsOut EK Payload Download; [1
14,6322015/01/20 2017528  ET WEB_SERVER UA WordPress, probable DDOS-Attack; [1,2
14,6312015/01/20 2017527  ET TROJAN W32/Napolar Checkin; [1,2
14,6302015/01/20 2017526  ET TROJAN Hiloti/Mufanom CnC Response;  
14,6292015/01/20 2017525  ET TROJAN OSX/Leverage.A Checkin;  
14,6282015/01/20 2017524  ET TROJAN DATA-BROKER BOT Activity; [1
14,6272015/01/20 2017523  ET TROJAN Worm.VBS.ayr CnC command response; [1
14,6262015/01/20 2017522  ET TROJAN Worm.VBS.ayr CnC command (is-cmd-shell); [1
14,6252015/01/20 2017521  ET TROJAN Worm.VBS.ayr CnC command (is-enum-process); [1
14,6242015/01/20 2017520  ET TROJAN Worm.VBS.ayr CnC command (is-enum-folder); [1
14,6232015/01/20 2017519  ET TROJAN Worm.VBS.ayr CnC command (is-enum-driver); [1
14,6222015/01/20 2017518  ET TROJAN Worm.VBS.ayr CnC command (/iam-ready); [1
14,6212015/01/20 2017517  ET TROJAN Worm.VBS.ayr Checkin 2;  
14,6202015/01/20 2017516  ET TROJAN Worm.VBS.ayr Checkin 1;  
14,6192015/01/20 2017515  ET INFO User-Agent (python-requests) Inbound to Webserver;  
14,6182015/01/20 2017513  ET CURRENT_EVENTS W32/Caphaw DriveBy Campaign Ping.html; [1,2
14,6172015/01/20 2017512  ET CURRENT_EVENTS W32/Caphaw DriveBy Campaign Statistic.js; [1,2
14,6162015/01/20 2017511  ET TROJAN DeputyDog callback; [1
14,6152015/01/20 2017510  ET EXPLOIT Metasploit CVE-2013-3205 Exploit Specific;  
14,6142015/01/20 2017509  ET CURRENT_EVENTS Possible J7u21 click2play bypass;  
14,6132015/01/20 2017508  ET CURRENT_EVENTS Styx J7u21 click2play bypass;  
14,6122015/01/20 2017507  ET CURRENT_EVENTS Cushion Redirection; [1
< 241  242  243  244  245  246  247  248  249  250 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.