시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
13,8112015/01/20 2016681  ET WEB_SERVER WebShell Generic - netsh firewall;  
13,8102015/01/20 2016680  ET WEB_SERVER WebShell Generic - net user;  
13,8092015/01/20 2016679  ET WEB_SERVER WebShell - Simple - Title;  
13,8082015/01/20 2016678  ET DELETED Blackhole/Cool plugindetect in octal -5 Mar 26 2013;  
13,8072015/01/20 2016677  ET WEB_SERVER SQL Errors in HTTP 500 Response (ORA-);  
13,8062015/01/20 2016676  ET WEB_SERVER SQL Errors in HTTP 200 Response (ORA-);  
13,8052015/01/20 2016675  ET WEB_SERVER SQL Errors in HTTP 500 Response (ERROR syntax error at or near);  
13,8042015/01/20 2016674  ET WEB_SERVER SQL Errors in HTTP 200 Response (ERROR syntax error at or near);  
13,8032015/01/20 2016673  ET WEB_SERVER SQL Errors in HTTP 500 Response (error in your SQL syntax);  
13,8022015/01/20 2016672  ET WEB_SERVER SQL Errors in HTTP 200 Response (error in your SQL syntax);  
13,8012015/01/20 2016671  ET WEB_SERVER SQL Errors in HTTP 500 Response (SqlException);  
13,8002015/01/20 2016670  ET WEB_SERVER SQL Errors in HTTP 200 Response (SqlException);  
13,7992015/01/20 2016669  ET WEB_SERVER SQL Errors in HTTP 500 Response (mysql_query);  
13,7982015/01/20 2016668  ET WEB_SERVER SQL Errors in HTTP 200 Response (mysql_query);  
13,7972015/01/20 2016667  ET WEB_SERVER SQL Errors in HTTP 500 Response (pgsql_query);  
13,7962015/01/20 2016666  ET WEB_SERVER SQL Errors in HTTP 200 Response (pgsql_query);  
13,7952015/01/20 2016665  ET WEB_SERVER SQL Errors in HTTP 500 Response (mssql_query);  
13,7942015/01/20 2016664  ET WEB_SERVER SQL Errors in HTTP 200 Response (mssql_query);  
13,7932015/01/20 2016663  ET CURRENT_EVENTS Karagany encrypted binary (1);  
13,7922015/01/20 2016662  ET P2P Possible Bittorrent Activity - Multiple DNS Queries For tracker hosts;  
13,7912015/01/20 2016661  ET DELETED Blackhole/Cool plugindetect in octal -4 Mar 22 2013;  
13,7902015/01/20 2016660  ET TROJAN [CrowdStrike] ANCHOR PANDA Torn RAT Beacon Message; [1
13,7892015/01/20 2016659  ET TROJAN [CrowdStrike] ANCHOR PANDA Torn RAT Beacon Message Header Local; [1
13,7882015/01/20 2016658  ET DELETED [CrowdStrike] ANCHOR PANDA - Poison Ivy Keep-Alive - From Victim; [1
13,7872015/01/20 2016657  ET DELETED [CrowdStrike] ANCHOR PANDA - Poison Ivy Keep-Alive - From Controller; [1
13,7862015/01/20 2016656  ET TROJAN [CrowdStrike] ANCHOR PANDA - Adobe Gh0st Beacon; [1
13,7852015/01/20 2016655  ET CURRENT_EVENTS Sweet Orange Java obfuscated binary (3);  
13,7842015/01/20 2016654  ET CURRENT_EVENTS Postal Reciept EXE in Zip;  
13,7832015/01/20 2016653  ET INFO Old/Rare PDF Generator Adobe PDF Library 9.0; [1
13,7822015/01/20 2016652  ET INFO Old/Rare PDF Generator Adobe Acrobat 9.2.0; [1
13,7812015/01/20 2016651  ET INFO Old/Rare PDF Generator pdfeTeX-1.21a; [1
13,7802015/01/20 2016650  ET INFO Old/Rare PDF Generator Acrobat Distiller 6.0.1 (Windows); [1
13,7792015/01/20 2016649  ET INFO Old/Rare PDF Generator Acrobat Distiller 9.0.0 (Windows); [1
13,7782015/01/20 2016648  ET INFO Old/Rare PDF Generator Python PDF Library; [1
13,7772015/01/20 2016647  ET INFO Old/Rare PDF Generator Adobe LiveCycle Designer ES 8.2; [1
13,7762015/01/20 2016646  ET INFO Old/Rare PDF Generator Acrobat Web Capture [8-9].0; [1
13,7752015/01/20 2016645  ET TROJAN Galock Ransomware Command; [1
13,7742015/01/20 2016644  ET TROJAN Galock Ransomware Check-in; [1
13,7732015/01/20 2016643  ET CURRENT_EVENTS Possible RedDotv2 applet with 32hex value Landing Page;  
13,7722015/01/20 2016642  ET WEB_SERVER Possible Perl Shell in HTTP POST; [1
13,7712015/01/20 2016641  ET WEB_SERVER Possible Perl Shell in HTTP POST; [1
13,7702015/01/20 2016640  ET CURRENT_EVENTS Watering Hole applet name AppletLow.jar; [1
13,7692015/01/20 2016639  ET CURRENT_EVENTS Watering Hole applet name AppletHigh.jar; [1
13,7682015/01/20 2016638  ET TROJAN W32/Depyot.Downloader CnC Beacon; [1,2
13,7672015/01/20 2016637  ET TROJAN W32/GameThief Initial CnC Beacon;  
13,7662015/01/20 2016636  ET DELETED Blackhole/Cool plugindetect in octal -2 Mar 13 2013;  
13,7652015/01/20 2016635  ET CURRENT_EVENTS DNS Query Sykipot Domain tech-att.com;  
13,7642015/01/20 2016634  ET CURRENT_EVENTS DNS Query Sykipot Domain gsasmartpay.org;  
13,7632015/01/20 2016633  ET CURRENT_EVENTS DNS Query Sykipot Domain servagency.com;  
13,7622015/01/20 2016632  ET CURRENT_EVENTS DNS Query Sykipot Domain searching-job.net;  
< 261  262  263  264  265  266  267  268  269  270 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.