Signature List
No.  Date  ID  Signature (Total Ruleset: 27,111)
15,561  2015/01/20  2018483  ET TROJAN Possible Zendran ELF IRCBot Joining Channel 2
15,560  2015/01/20  2018482  ET TROJAN Possible Zendran ELF IRCBot Joining Channel
15,559  2015/01/20  2018481  ET TROJAN Trojan.Win32.Webprefix checkin
15,558  2015/01/20  2018480  ET CURRENT_EVENTS Possible Upatre SSL Compromised site dfsdirect.ca
15,557  2015/01/20  2018479  ET TROJAN Downloader.Win32.Tesch.A Server CnC Sending Executable
15,556  2015/01/20  2018478  ET TROJAN Downloader.Win32.Tesch.A Bot Command Checkin 1
15,555  2015/01/20  2018477  ET TROJAN Downloader.Win32.Tesch.A Server CnC Checkin Reply
15,554  2015/01/20  2018476  ET DELETED TROJAN Downloader.Win32.Tesch.A Client CnC Checkin
15,553  2015/01/20  2018475  ET TROJAN W32/HelloBridge.Backdoor Login CnC Beacon
15,552  2015/01/20  2018474  ET TROJAN W32/HelloBridge.Backdoor Register CnC Beacon
15,551  2015/01/20  2018473  ET DELETED W32/Alina.POS-Trojan CnC Beacon
15,550  2015/01/20  2018472  ET CURRENT_EVENTS DRIVEBY FlashPack Plugin-Detect May 13 2014
15,549  2015/01/20  2018471  ET CURRENT_EVENTS DRIVEBY FlashPack Flash Exploit flash2014.php
15,548  2015/01/20  2018470  ET CURRENT_EVENTS DRIVEBY FlashPack Flash Exploit flash2013.php
15,547  2015/01/20  2018469  ET CURRENT_EVENTS DRIVEBY FlashPack 2013-2551 May 13 2014
15,546  2015/01/20  2018468  ET TROJAN PandoraRat/Refroso.bsp Directory Listing Sent To Server
15,545  2015/01/20  2018467  ET TROJAN PandoraRat/Refroso.bsp Activity
15,544  2015/01/20  2018466  ET TROJAN Possible Backdoor.Unrecom Download
15,543  2015/01/20  2018465  ET TROJAN Possible Backdoor.Adwind Download 2
15,542  2015/01/20  2018464  ET TROJAN OneLouder EXE download possibly installing Zeus P2P
15,541  2015/01/20  2018463  ET TROJAN possible OneLouder header structure
15,540  2015/01/20  2018462  ET TROJAN W32/Fsysna.Downloader CnC Beacon
15,539  2015/01/20  2018461  ET CURRENT_EVENTS Possible Upatre SSL Compromised site sabzevarsez.com
15,538  2015/01/20  2018460  ET CURRENT_EVENTS Possible Upatre SSL Compromised site iclasshd.net
15,537  2015/01/20  2018459  ET WEB_SERVER SUSPICIOUS Possible WebShell Login Form (Outbound)
15,536  2015/01/20  2018458  ET MALWARE DomainIQ Check-in
15,535  2015/01/20  2018457  ET TROJAN Possible Upatre Downloader SSL certificate (fake loc)
15,534  2015/01/20  2018456  ET TROJAN ELF/Mayhem Checkin
15,533  2015/01/20  2018455  ET TROJAN DNS Reply Sinkhole - Anubis - 195.22.26.192/26
15,532  2015/01/20  2018454  ET CURRENT_EVENTS Possible Malvertising Redirect URI Struct
15,531  2015/01/20  2018453  ET TROJAN Upatre Downloader 2p (Zeus) May 07 2014
15,530  2015/01/20  2018452  ET TROJAN CryptoWall Check-in
15,529  2015/01/20  2018451  ET CURRENT_EVENTS DRIVEBY Nuclear EK Landing May 05 2014
15,528  2015/01/20  2018450  ET DELETED Potential Selfint C2 traffic (from client)
15,527  2015/01/20  2018449  ET TROJAN Potential Sefint C2 traffic (from server)
15,526  2015/01/20  2018448  ET TROJAN Sefnit Checkin
15,525  2015/01/20  2018447  ET WEB_CLIENT Base64 Encoded Java Value
15,524  2015/01/20  2018443  ET TROJAN W32/Karagany.Downloader CnC Beacon
15,523  2015/01/20  2018442  ET CURRENT_EVENTS 32-byte by 32-byte PHP EK Gate with HTTP POST
15,522  2015/01/20  2018441  ET CURRENT_EVENTS Goon/Infinity URI Struct EK Landing May 05 2014
15,521  2015/01/20  2018440  ET CURRENT_EVENTS DRIVEBY Goon/Infinity EK Landing May 05 2014
15,520  2015/01/20  2018439  ET CURRENT_EVENTS Common Bad Actor Indicators Used in Various Targeted 0-day Attacks
15,519  2015/01/20  2018438  ET DNS DNS Query for vpnoverdns - indicates DNS tunnelling
15,518  2015/01/20  2018437  ET DELETED Trojan-Spy.Win32.Zbot.hmcm Checkin
15,517  2015/01/20  2018436  ET WEB_CLIENT Microsoft Application Crash Report Indicates Potential VGX Memory Corruption 2
15,516  2015/01/20  2018435  ET TROJAN W32/Hicrazyk.A Downloader Install CnC Beacon
15,515  2015/01/20  2018434  ET WEB_CLIENT Microsoft Application Crash Report Indicates Potential VGX Memory Corruption
15,514  2015/01/20  2018433  ET WEB_CLIENT SUSPICOUS Possible automated connectivity check (www.yahoo.com)
15,513  2015/01/20  2018432  ET WEB_CLIENT SUSPICOUS Possible automated connectivity check (www.bing.com)
15,512  2015/01/20  2018431  ET WEB_CLIENT SUSPICOUS Possible automated connectivity check (www.msn.com)
GigaVPN & GigaIPS are based on MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.