시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
14,9612015/01/20 2017864  ET CURRENT_EVENTS CrimePack HCP Exploit;  
14,9602015/01/20 2017863  ET CURRENT_EVENTS CrimePack Java Exploit;  
14,9592015/01/20 2017862  ET CURRENT_EVENTS CrimePack PDF Exploit;  
14,9582015/01/20 2017861  ET CURRENT_EVENTS Grandsoft/SofosFO EK Java Payload URI Struct;  
14,9572015/01/20 2017860  ET TROJAN W32/Ke3chang.MyWeb.APT Eourdegh Campaign CnC Beacon; [1,2
14,9562015/01/20 2017859  ET TROJAN W32/Ke3chang.Dream.APT Campaign CnC Beacon 2; [1,2
14,9552015/01/20 2017858  ET TROJAN W32/Ke3chang.BMW.APT Campaign CnC Beacon; [1,2
14,9542015/01/20 2017857  ET TROJAN W32/Ke3chang.MyWeb.APT Campaign CnC Beacon; [1,2
14,9532015/01/20 2017856  ET TROJAN W32/Ke3chang.Snake.APT Campaign CnC Beacon; [1,2
14,9522015/01/20 2017855  ET TROJAN W32/Ke3chang.MovieStar.APT Campaign CnC Beacon; [1,2
14,9512015/01/20 2017854  ET CURRENT_EVENTS PHP script in OptimizePress Upload Directory Possible WebShell Access; [1
14,9502015/01/20 2017853  ET WEB_SPECIFIC_APPS Wordpress OptimizePress Arbitratry File Upload; [1
14,9492015/01/20 2017852  ET CURRENT_EVENTS HiMan EK Secondary Landing;  
14,9482015/01/20 2017851  ET CURRENT_EVENTS HiMan EK Exploit URI Struct;  
14,9472015/01/20 2017850  ET CURRENT_EVENTS SPL2 PluginDetect Data Hash;  
14,9462015/01/20 2017849  ET CURRENT_EVENTS Possible CVE-2013-2551 As seen in SPL2 EK;  
14,9452015/01/20 2017848  ET CURRENT_EVENTS SPL2 EK SilverLight;  
14,9442015/01/20 2017847  ET CURRENT_EVENTS Browlock Landing Page URI Struct;  
14,9432015/01/20 2017846  ET CURRENT_EVENTS DRIVEBY FakeUpdate - URI - Payload Requested;  
14,9422015/01/20 2017845  ET CURRENT_EVENTS DRIVEBY FakeUpdate - URI - /styles/javaupdate.css;  
14,9412015/01/20 2017844  ET CURRENT_EVENTS Styx Exploit Kit - EOT Exploit;  
14,9402015/01/20 2017843  ET CURRENT_EVENTS SUSPICIOUS pony.exe in URI;  
14,9392015/01/20 2017842  ET CURRENT_EVENTS SUSPICIOUS winhost(32|64).exe in URI;  
14,9382015/01/20 2017841  ET CURRENT_EVENTS Styx Exploit Kit - HTML;  
14,9372015/01/20 2017840  ET CURRENT_EVENTS Styx Exploit Kit - JAR Exploit;  
14,9362015/01/20 2017839  ET TROJAN Vawtrak/NeverQuest Checkin;  
14,9352015/01/20 2017838  ET TROJAN HTTP Connection To Known Sinkhole Domain sinkdns.org;  
14,9342015/01/20 2017837  ET DELETED Possible Zbot Activity Common Download Struct;  
14,9332015/01/20 2017836  ET TROJAN Possible Zbot Activity Common Download Struct;  
14,9322015/01/20 2017835  ET WEB_SERVER Mambo.PerlBot Spreader IRC DDOS Exploited Message;  
14,9312015/01/20 2017834  ET WEB_SERVER Mambo.PerlBot Spreader IRC DDOS Mambo Scanning Message;  
14,9302015/01/20 2017833  ET WEB_SERVER Mambo.PerlBot Spreader IRC DDOS PerlBot Version Message;  
14,9292015/01/20 2017832  ET WEB_SERVER Mambo.PerlBot Spreader IRC DDOS Attack Done Message;  
14,9282015/01/20 2017831  ET WEB_SERVER Mambo.PerlBot Spreader IRC DDOS Attacking Message;  
14,9272015/01/20 2017830  ET WEB_SERVER Perl/Mambo.WebShell Spreader IRC No Open Ports Message;  
14,9262015/01/20 2017829  ET WEB_SERVER Perl/Mambo.WebShell Spreader IRC Open Ports Message;  
14,9252015/01/20 2017828  ET WEB_SERVER Perl/Mambo.WebShell Spreader IRC Scanning Message;  
14,9242015/01/20 2017827  ET CURRENT_EVENTS SPL2 EK Dec 09 2013 Java Request;  
14,9232015/01/20 2017826  ET CURRENT_EVENTS SPL2 EK Landing Dec 09 2013;  
14,9222015/01/20 2017825  ET EXPLOIT Zollard PHP Exploit UA Outbound; [1
14,9212015/01/20 2017824  ET CURRENT_EVENTS Neutrino Landing Page Dec 09 2013;  
14,9202015/01/20 2017823  ET CURRENT_EVENTS heapSpray in jjencode; [1
14,9192015/01/20 2017822  ET WEB_SERVER IIS ISN BackDoor Command Get Logpath; [1
14,9182015/01/20 2017821  ET WEB_SERVER IIS ISN BackDoor Command Delete Log; [1
14,9172015/01/20 2017820  ET WEB_SERVER IIS ISN BackDoor Command GetLog; [1
14,9162015/01/20 2017819  ET CURRENT_EVENTS Styx EK iexp.html;  
14,9152015/01/20 2017818  ET TROJAN Common Zbot EXE filename Dec 09 2013;  
14,9142015/01/20 2017817  ET CURRENT_EVENTS Sweet Orange Landing Page Dec 09 2013;  
14,9132015/01/20 2017816  ET TROJAN Possible Upatre Downloader SSL certificate; [1
14,9122015/01/20 2017815  ET CURRENT_EVENTS Possible Safe/CritX/FlashPack Edwards Packed PluginDetect;  
< 241  242  243  244  245  246  247  248  249  250 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.