시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
13,4112015/01/20 2016265  ET DELETED Win32/Kelihos.F Checkin 9;  
13,4102015/01/20 2016264  ET DELETED Win32/Kelihos.F Checkin 8;  
13,4092015/01/20 2016263  ET DELETED Win32/Kelihos.F Checkin 7;  
13,4082015/01/20 2016262  ET DELETED Win32/Kelihos.F Checkin 6;  
13,4072015/01/20 2016261  ET DELETED Win32/Kelihos.F Checkin 5;  
13,4062015/01/20 2016260  ET DELETED Win32/Kelihos.F Checkin 4;  
13,4052015/01/20 2016259  ET DELETED Win32/Kelihos.F Checkin 3;  
13,4042015/01/20 2016258  ET DELETED Win32/Kelihos.F Checkin 2;  
13,4032015/01/20 2016257  ET DELETED Win32/Kelihos.F Checkin 1;  
13,4022015/01/20 2016256  ET CURRENT_EVENTS Gondad Exploit Kit Post Exploitation Request;  
13,4012015/01/20 2016255  ET CURRENT_EVENTS Red Dot Exploit Kit Binary Payload Request; [1
13,4002015/01/20 2016254  ET CURRENT_EVENTS Possible Red Dot Exploit Kit Single Character JAR Request; [1
13,3992015/01/20 2016253  ET TROJAN Unknown POST of System Info;  
13,3982015/01/20 2016252  ET TROJAN Unknown POST of Windows PW Hashes to External Site;  
13,3972015/01/20 2016251  ET TROJAN Win32/Emold.C Checkin; [1,2
13,3962015/01/20 2016250  ET CURRENT_EVENTS Redkit Class Request (2);  
13,3952015/01/20 2016249  ET CURRENT_EVENTS Redkit Class Request (1);  
13,3942015/01/20 2016248  ET CURRENT_EVENTS StyX Landing Page;  
13,3932015/01/20 2016247  ET CURRENT_EVENTS StyX Landing Page;  
13,3922015/01/20 2016245  ET WEB_SERVER WebShell - Generic - c99shell based header;  
13,3912015/01/20 2016244  ET WEB_SERVER WebShell - Symlink_Sa;  
13,3902015/01/20 2016243  ET DELETED Request for FakeAV Binary /two/data.exe Infection Campaign;  
13,3892015/01/20 2016242  ET CURRENT_EVENTS Blackhole Java applet with obfuscated URL Jan 21 2012;  
13,3882015/01/20 2016241  ET DELETED SofosFO - Landing Page;  
13,3872015/01/20 2016240  ET CURRENT_EVENTS Impact Exploit Kit Class Download;  
13,3862015/01/20 2016239  ET WEB_SPECIFIC_APPS Joomla Incapsula component Performance.php file XSS Attempt; [1
13,3852015/01/20 2016238  ET WEB_SPECIFIC_APPS Joomla Incapsula component Security.php XSS Attempt; [1
13,3842015/01/20 2016237  ET ACTIVEX Possible Samsung Kies ActiveX PrepareSync method Buffer overflow; [1
13,3832015/01/20 2016236  ET ACTIVEX Possible KeyHelp ActiveX LaunchTriPane Remote Code Execution Vulnerability; [1
13,3822015/01/20 2016235  ET ACTIVEX Possible KeyHelp ActiveX LaunchTriPane Remote Code Execution Vulnerability 2; [1
13,3812015/01/20 2016234  ET WEB_SPECIFIC_APPS Mu Perspectives Cms id parameter Cross-Site Scripting Attempt; [1
13,3802015/01/20 2016233  ET WEB_SPECIFIC_APPS Joomla com_ztautolink controller parameter Local File Inclusion Attempt; [1
13,3792015/01/20 2016232  ET WEB_SPECIFIC_APPS Joomla com_bit controller parameter Local File Inclusion Attempt; [1
13,3782015/01/20 2016231  ET WEB_SPECIFIC_APPS Cartweaver 3 Local File Inclusion Attempt; [1
13,3772015/01/20 2016230  ET WEB_SPECIFIC_APPS WordPress Age Verification plugin redirect_to Parameter URI Redirection; [1
13,3762015/01/20 2016229  ET CURRENT_EVENTS Blackhole 16/32-hex/a-z.php Jar Download;  
13,3752015/01/20 2016228  ET CURRENT_EVENTS Metasploit CVE-2013-0422 Jar;  
13,3742015/01/20 2016227  ET CURRENT_EVENTS Metasploit CVE-2013-0422 Landing Page;  
13,3732015/01/20 2016226  ET TROJAN Possible Red October proxy CnC 3;  
13,3722015/01/20 2016225  ET TROJAN Possible Red October proxy CnC 2;  
13,3712015/01/20 2016224  ET TROJAN Possible Red October proxy CnC 1;  
13,3702015/01/20 2016223  ET TROJAN Andromeda Checkin;  
13,3692015/01/20 2016222  ET SCAN GET with HTML tag in start of URI seen with PHPMyAdmin scanning;  
13,3682015/01/20 2016221  ET CURRENT_EVENTS CoolEK Payload Download;  
13,3672015/01/20 2016220  ET TROJAN Red October/Win32.Digitalia Checkin cgi-bin/win/cab; [1
13,3662015/01/20 2016219  ET TROJAN Red October/Win32.Digitalia Checkin cgi-bin/win/wcx; [1
13,3652015/01/20 2016218  ET TROJAN Red October/Win32.Digitalia Checkin cgi-bin/ms/flush; [1
13,3642015/01/20 2016217  ET TROJAN Red October/Win32.Digitalia Checkin cgi-bin/ms/check; [1
13,3632015/01/20 2016216  ET TROJAN Red October/Win32.Digitalia Checkin cgi-bin/dllhost/ac; [1
13,3622015/01/20 2016215  ET TROJAN Red October/Win32.Digitalia Checkin cgi-bin/nt/sk; [1
< 271  272  273  274  275  276  277  278  279  280 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.