시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
12,2612015/01/20 2015079  ET DELETED HTTP Request to a Zeus CnC DGA Domain inqgvoeohpcsfxmn.ru; [1,2
12,2602015/01/20 2015078  ET DELETED HTTP Request to a Zeus CnC DGA Domain xeeypppxswpquvrf.ru; [1,2
12,2592015/01/20 2015077  ET DELETED HTTP Request to a Zeus CnC DGA Domain vznrahwzgntmfcqk.ru; [1,2
12,2582015/01/20 2015076  ET DELETED HTTP Request to a Zeus CnC DGA Domain lsbppxhgckolsnap.ru; [1,2
12,2572015/01/20 2015075  ET DELETED HTTP Request to a Zeus CnC DGA Domain jnlkttkruqsdjqlx.ru; [1,2
12,2562015/01/20 2015074  ET DELETED HTTP Request to a Zeus CnC DGA Domain zfyafrjmmajqfvbh.ru; [1,2
12,2552015/01/20 2015073  ET DELETED HTTP Request to a Zeus CnC DGA Domain wakvnkyzkyietkdr.ru; [1,2
12,2542015/01/20 2015072  ET DELETED HTTP Request to a Zeus CnC DGA Domain ntvrnrdpyoadopbo.ru; [1,2
12,2532015/01/20 2015071  ET DELETED HTTP Request to a Zeus CnC DGA Domain lohnrnnpvvtxedfl.ru; [1,2
12,2522015/01/20 2015070  ET DELETED HTTP Request to a Zeus CnC DGA Domain bhujzorkulhkpwob.ru; [1,2
12,2512015/01/20 2015069  ET DELETED HTTP Request to a Zeus CnC DGA Domain yafzvancybuwmnno.ru; [1,2
12,2502015/01/20 2015068  ET DELETED HTTP Request to a Zeus CnC DGA Domain otruvbidvikzhlop.ru; [1,2
12,2492015/01/20 2015067  ET DELETED HTTP Request to a Zeus CnC DGA Domain mocrafrewsdjztbj.ru; [1,2
12,2482015/01/20 2015066  ET DELETED HTTP Request to a Zeus CnC DGA Domain ciqmhuwgvfsxdtrw.ru; [1,2
12,2472015/01/20 2015065  ET DELETED HTTP Request to a Zeus CnC DGA Domain adbjjkquyyhyqknf.ru; [1,2
12,2462015/01/20 2015064  ET DELETED HTTP Request to a Zeus CnC DGA Domain qtmyeslmsoxkjbku.ru; [1,2
12,2452015/01/20 2015063  ET DELETED HTTP Request to a Zeus CnC DGA Domain npxsiiwpxqqiihmo.ru; [1,2
12,2442015/01/20 2015062  ET DELETED HTTP Request to a Zeus CnC DGA Domain eilqnjkoytyjuchn.ru; [1,2
12,2432015/01/20 2015061  ET DELETED HTTP Request to a Zeus CnC DGA Domain bdvkpbuldslsapeb.ru; [1,2
12,2422015/01/20 2015057  ET CURRENT_EVENTS c3284d malware network iframe;  
12,2412015/01/20 2015056  ET CURRENT_EVENTS Blackhole Exploit Kit Landing Page Structure;  
12,2402015/01/20 2015055  ET CURRENT_EVENTS Unknown_s=1 - Payload Requested - 32AlphaNum?s=1 Java Request;  
12,2392015/01/20 2015054  ET CURRENT_EVENTS Unknown_s=1 - Landing Page - 100HexChar value and applet;  
12,2382015/01/20 2015053  ET CURRENT_EVENTS Unknown_s=1 - Landing Page - 10HexChar Title and applet;  
12,2372015/01/20 2015052  ET CURRENT_EVENTS c3284d Malware Network Compromised Redirect (comments 2); [1
12,2362015/01/20 2015051  ET CURRENT_EVENTS c3284d Malware Network Compromised Redirect (comments 1); [1
12,2352015/01/20 2015050  ET TROJAN Generic - 8Char.JAR Naming Algorithm;  
12,2342015/01/20 2015049  ET DELETED Request For Blackhole Landing Page Go.php;  
12,2332015/01/20 2015048  ET CURRENT_EVENTS 09 July 2012 Blackhole Landing Page - Please Wait Loading;  
12,2322015/01/20 2015047  ET DELETED Blackhole Exploit Kit Landing Page Redirect.php Port 8080 Request;  
12,2312015/01/20 2015046  ET DELETED Blackhole Exploit Kit Java Exploit request to /Set1.jar 6th July 2012;  
12,2302015/01/20 2015045  ET INFO Potential Common Malicious JavaScript Loop;  
12,2292015/01/20 2015044  ET DELETED Blackhole Exploit Kit Obfuscated Applet Value 6th July 2012;  
12,2282015/01/20 2015043  ET DELETED Blackhole Exploit Kit Applet Code Rafa.Rafa 6th July 2012;  
12,2272015/01/20 2015042  ET CURRENT_EVENTS g01pack - 32Char.php by Java Client;  
12,2262015/01/20 2015041  ET WEB_SPECIFIC_APPS WordPress Custom Contact Forms options-general.php Cross-Site Scripting Attempt; [1
12,2252015/01/20 2015040  ET WEB_SPECIFIC_APPS Joomla com_rssreader controller parameter Local File Inclusion Attempt; [1
12,2242015/01/20 2015039  ET WEB_SPECIFIC_APPS Joomla com_wisroyq controller parameter Local File Inclusion Attempt; [1
12,2232015/01/20 2015038  ET WEB_SPECIFIC_APPS WordPress Count Per Day Plugin page parameter Cross-Site Scripting Attempt; [1
12,2222015/01/20 2015037  ET ACTIVEX Possible Crystal Reports Viewer Activex Control ServerResourceVersion Insecure Method Access 2; [1
12,2212015/01/20 2015036  ET ACTIVEX Possible Crystal Reports Viewer Activex Control ServerResourceVersion Insecure Method Access; [1
12,2202015/01/20 2015035  ET WEB_SERVER possible SAP Crystal Report Server 2008 path parameter Directory Traversal vulnerability; [1
12,2192015/01/20 2015034  ET WEB_SPECIFIC_APPS Concrete CMS btask parameter Cross-Site Scripting Attempt; [1
12,2182015/01/20 2015033  ET WEB_SPECIFIC_APPS Concrete CMS approveImmediately parameter Cross-Site Scripting Attempt; [1
12,2172015/01/20 2015032  ET ACTIVEX Possible IBM Rational ClearQuest Activex Control RegisterSchemaRepoFromFileByDbSet Insecure Method Access; [1
12,2162015/01/20 2015031  ET CURRENT_EVENTS Incognito - Payload Request - /load.php by Java Client;  
12,2152015/01/20 2015030  ET CURRENT_EVENTS Incognito - Java Exploit Requested - /gotit.php by Java Client;  
12,2142015/01/20 2015028  ET TROJAN Cridex Post to CnC; [1,2,3
12,2132015/01/20 2015027  ET DELETED Blackhole Landing Page Eval Variable Obfuscation 3;  
12,2122015/01/20 2015026  ET CURRENT_EVENTS Blackhole Landing Page Eval Variable Obfuscation 2;  
< 291  292  293  294  295  296  297  298  299  300 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.