Signature List
No.  Date  ID  Signature (Total Ruleset: 27,111)
15,711  2015/01/20  2018639  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 39; [1,2
15,710  2015/01/20  2018638  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 38; [1,2
15,709  2015/01/20  2018637  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 37; [1,2
15,708  2015/01/20  2018636  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 36; [1,2
15,707  2015/01/20  2018635  ET TROJAN Common Upatre Header Structure 2
15,706  2015/01/20  2018634  ET TROJAN W32/Antifulai.APT CnC Beacon 4; [1
15,705  2015/01/20  2018633  ET TROJAN W32/Antifulai.APT CnC Beacon 3; [1
15,704  2015/01/20  2018632  ET TROJAN W32/Antifulai.APT CnC Beacon 2; [1
15,703  2015/01/20  2018631  ET TROJAN W32/Antifulai.APT CnC Beacon 1; [1
15,702  2015/01/20  2018630  ET MOBILE_MALWARE Android/Comll.Banker RAT CnC Beacon; [1
15,701  2015/01/20  2018629  ET TROJAN Trojan.Karagany C&C Response; [1
15,700  2015/01/20  2018626  ET TROJAN Downloader.Win32.Tesch.A Server Command (bot is ready to start receiving commands); [1
15,699  2015/01/20  2018625  ET TROJAN Downloader.Win32.Tesch.A Server Command (Confirm C2 IP and port) 2; [1
15,698  2015/01/20  2018624  ET TROJAN Downloader.Win32.Tesch.A Server Command (Confirm C2 IP and port); [1
15,697  2015/01/20  2018623  ET TROJAN Downloader.Win32.Tesch.A Bot Command (Proxy command); [1
15,696  2015/01/20  2018622  ET TROJAN Downloader.Win32.Tesch.A Bot Command (OK acknowledgement); [1
15,695  2015/01/20  2018620  ET TROJAN Downloader.Win32.Tesch.A Bot Command Checkin 2
15,694  2015/01/20  2018618  ET TROJAN Possible W32/VBKlip BAN Download; [1
15,693  2015/01/20  2018617  ET MALWARE Downloader.NSIS.OutBrowse.b Checkin; [1
15,692  2015/01/20  2018616  ET TROJAN Win32/Sharik C2 Incoming Crafted Request
15,691  2015/01/20  2018615  ET TROJAN Win32/Sharik C2 Incoming Traffic
15,690  2015/01/20  2018614  ET TROJAN Win32/Sharik Checkin
15,689  2015/01/20  2018613  ET CURRENT_EVENTS Evil EK Redirector Cookie June 27 2014
15,688  2015/01/20  2018612  ET WEB_SPECIFIC_APPS Cacti Superlinks Plugin SQL Injection; [1
15,687  2015/01/20  2018611  ET DELETED Win32/Tesch.A Checkin; [1
15,686  2015/01/20  2018610  ET TROJAN Likely CryptoWall .onion Proxy domain in SNI
15,685  2015/01/20  2018609  ET TROJAN Likely CryptoWall .onion Proxy DNS lookup
15,684  2015/01/20  2018608  ET TROJAN Suspicious User-Agent (HardCore Software For)
15,683  2015/01/20  2018607  ET WEB_SERVER PHP Crawler; [1
15,682  2015/01/20  2018606  ET CURRENT_EVENTS Safe/CritX/FlashPack EK Secondary Landing June 25 2014
15,681  2015/01/20  2018605  ET WEB_SPECIFIC_APPS TimThumb Remote Command Execution; [1
15,680  2015/01/20  2018604  ET TROJAN Andromeda Downloading Module
15,679  2015/01/20  2018603  ET WEB_SERVER c99 Shell Backdoor Var Override Client Body; [1
15,678  2015/01/20  2018602  ET WEB_SERVER c99 Shell Backdoor Var Override Cookie; [1
15,677  2015/01/20  2018601  ET WEB_SERVER c99 Shell Backdoor Var Override URI; [1
15,676  2015/01/20  2018600  ET TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL certificate detected (KINS C2); [1
15,675  2015/01/20  2018599  ET TROJAN W32/Citadel Download From CnC Server /files/ attachment; [1
15,674  2015/01/20  2018598  ET TROJAN Citadel Checkin; [1
15,673  2015/01/20  2018597  ET TROJAN Dyreza RAT Checkin Response 2; [1
15,672  2015/01/20  2018596  ET TROJAN Dyreza RAT Checkin Response; [1
15,671  2015/01/20  2018595  ET CURRENT_EVENTS DRIVEBY Nuclear EK Landing May 23 2014
15,670  2015/01/20  2018594  ET CURRENT_EVENTS Possible Upatre SSL Cert webhostingpad.com
15,669  2015/01/20  2018593  ET CURRENT_EVENTS Safe/CritX/FlashPack EK CVE-2013-3918
15,668  2015/01/20  2018592  ET CURRENT_EVENTS Multiple EKs CVE-2013-3918
15,667  2015/01/20  2018591  ET CURRENT_EVENTS Trojan-Banker.JS.Banker fraudulent redirect boleto payment code; [1
15,666  2015/01/20  2018590  ET MALWARE Adware.MultiInstaller checkin 2
15,665  2015/01/20  2018589  ET CURRENT_EVENTS Possible ASPROX Download URI Struct June 19 2014
15,664  2015/01/20  2018588  ET EXPLOIT Supermicro BMC Password Disclosure 4; [1
15,663  2015/01/20  2018587  ET EXPLOIT Supermicro BMC Password Disclosure 3; [1
15,662  2015/01/20  2018586  ET EXPLOIT Supermicro BMC Password Disclosure 2; [1
GigaVPN & GigaIPS are based on MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.