시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
15,9612015/01/20 2018897  ET TROJAN Pushdo.S CnC response;  
15,9602015/01/20 2018896  ET TROJAN BitcoinMiner C2 SSL Cert; [1
15,9592015/01/20 2018895  ET TROJAN Ddex Loader Check-in; [1
15,9582015/01/20 2018894  ET TROJAN Probable OneLouder downloader (Zeus P2P);  
15,9572015/01/20 2018893  ET TROJAN Zbot .onion Proxy DNS lookup July 31, 2014;  
15,9562015/01/20 2018892  ET TROJAN Zbot .onion Proxy domain in SNI Aug 04, 2014;  
15,9552015/01/20 2018891  ET TROJAN Kronos Checkin; [1
15,9542015/01/20 2018890  ET TROJAN Infostealer.Mysayad Checkin 2; [1
15,9532015/01/20 2018889  ET TROJAN Infostealer.Mysayad Checkin 1; [1
15,9522015/01/20 2018888  ET MOBILE_MALWARE Android/Spy.Kasandra.A Checkin;  
15,9512015/01/20 2018887  ET MOBILE_MALWARE Android/Trogle.A Possible Exfiltration of SMS via SMTP;  
15,9502015/01/20 2018886  ET TROJAN Windows TaskList Microsoft Windows DOS prompt command exit OUTBOUND;  
15,9492015/01/20 2018885  ET TROJAN Windows Command Prompt OUTBOUND;  
15,9482015/01/20 2018884  ET TROJAN Troj/ReRol.A Checkin 4; [1
15,9472015/01/20 2018883  ET TROJAN Troj/ReRol.A Checkin 2; [1
15,9462015/01/20 2018882  ET TROJAN Troj/ReRol.A Checkin 1; [1
15,9452015/01/20 2018881  ET CURRENT_EVENTS Possible Upatre SSL Cert power2.mschosting.com;  
15,9442015/01/20 2018880  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 40; [1,2
15,9432015/01/20 2018879  ET POLICY onion.cab tor2web .onion Proxy domain in SNI;  
15,9422015/01/20 2018878  ET POLICY tor4u tor2web .onion Proxy domain in SNI;  
15,9412015/01/20 2018877  ET TROJAN Tor based locker knowledgewiki.info in SNI July 31, 2014;  
15,9402015/01/20 2018876  ET POLICY onion.cab .onion Proxy DNS lookup;  
15,9392015/01/20 2018875  ET POLICY tor4u tor2web .onion Proxy DNS lookup;  
15,9382015/01/20 2018874  ET TROJAN Tor based locker .onion Proxy DNS lookup July 31, 2014;  
15,9372015/01/20 2018873  ET TROJAN Tor based locker Ransom Page;  
15,9362015/01/20 2018872  ET TROJAN Tor based locker .onion Proxy domain in SNI July 31, 2014;  
15,9352015/01/20 2018871  ET CURRENT_EVENTS Possible Upatre SSL Cert adodis.com;  
15,9342015/01/20 2018870  ET CURRENT_EVENTS Possible Upatre SSL Cert ns7-777.777servers.com;  
15,9332015/01/20 2018869  ET TROJAN W32/Pgift.Backdoor APT CnC Beacon; [1
15,9322015/01/20 2018868  ET CURRENT_EVENTS Possible Upatre SSL Cert chinasemservice.com;  
15,9312015/01/20 2018867  ET TROJAN Win32.Sality.3 checkin;  
15,9302015/01/20 2018866  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS C2); [1
15,9292015/01/20 2018865  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS C2); [1
15,9282015/01/20 2018864  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS C2); [1
15,9272015/01/20 2018863  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS C2); [1
15,9262015/01/20 2018862  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS C2); [1
15,9252015/01/20 2018861  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS C2); [1
15,9242015/01/20 2018860  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS C2); [1
15,9232015/01/20 2018859  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS C2); [1
15,9222015/01/20 2018858  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS C2); [1
15,9212015/01/20 2018857  ET TROJAN Backoff POS Checkin;  
15,9202015/01/20 2018856  ET TROJAN Windows executable base64 encoded;  
15,9192015/01/20 2018855  ET TROJAN Possible ClickFraud Trojan Socks5 Connection;  
15,9182015/01/20 2018853  ET CURRENT_EVENTS Possible Phishing E-ZPass Email Toll Notification July 30 2014; [1
15,9172015/01/20 2018852  ET TROJAN Malicious SSL Cert (KINS C2);  
15,9162015/01/20 2018851  ET TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL certificate detected (KINS C2); [1
15,9152015/01/20 2018850  ET CURRENT_EVENTS Possible Upatre SSL Cert ns2.sicher.in;  
15,9142015/01/20 2018849  ET CURRENT_EVENTS Possible Upatre SSL Cert www.senorwooly.com;  
15,9132015/01/20 2018848  ET DELETED DYNAMIC_DNS Query to *.passinggas.net Domain (Sitelutions);  
15,9122015/01/20 2018847  ET DELETED DYNAMIC_DNS HTTP Request to *.passinggas.net Domain (Sitelutions);  
< 221  222  223  224  225  226  227  228  229  230 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.