시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
7,9112015/01/20 2010282  ET TROJAN Generic Trojan Checkin (double Content-Type headers); [1
7,9102015/01/20 2010281  ET WEB_SERVER Apache mod_perl Apache Status and Apache2 Status Cross Site Scripting Attempt; [1,2
7,9092015/01/20 2010280  ET ACTIVEX Charm Real Converter pro 6.6 Activex Control DOS clsid access attempt; [1,2
7,9082015/01/20 2010279  ET ACTIVEX InstanGet v2.08 Activex Control DOS clsid access attempt; [1,2
7,9072015/01/20 2010278  ET ACTIVEX EasyMail ActiveX AddAttachment method Remote code excution clsid access attempt; [1,2
7,9062015/01/20 2010277  ET ACTIVEX EasyMail Quicksoft ActiveX CreateStore method Remote code excution clsid access; [1,2
7,9052015/01/20 2010276  ET WEB_SPECIFIC_APPS ProdLer prodler.class.php sPath Parameter Remote File Inclusion Attempt; [1,2
7,9042015/01/20 2010275  ET WEB_SPECIFIC_APPS DEDECMS feedback_js.php arcurl Parameter UPDATE SET SQL Injection Attempt; [1,2,3
7,9032015/01/20 2010274  ET WEB_SPECIFIC_APPS DEDECMS feedback_js.php arcurl Parameter INSERT INTO SQL Injection Attempt; [1,2,3
7,9022015/01/20 2010273  ET WEB_SPECIFIC_APPS DEDECMS feedback_js.php arcurl Parameter UNION SELECT SQL Injection Attempt; [1,2,3
7,9012015/01/20 2010272  ET WEB_SPECIFIC_APPS DEDECMS feedback_js.php arcurl Parameter DELETE FROM SQL Injection Attempt; [1,2,3
7,9002015/01/20 2010271  ET WEB_SPECIFIC_APPS DEDECMS feedback_js.php arcurl Parameter SELECT FROM SQL Injection Attempt; [1,2,3
7,8992015/01/20 2010270  ET TROJAN Asprox Data Post to C&C; [1,2,3
7,8982015/01/20 2010268  ET TROJAN W32.SillyFDC Checkin; [1
7,8972015/01/20 2010267  ET TROJAN Sinowal/Torpig Checkin; [1
7,8962015/01/20 2010266  ET TROJAN Banload Checkin; [1
7,8952015/01/20 2010265  ET MALWARE User-Agent (M0zilla); [1
7,8942015/01/20 2010264  ET ACTIVEX Wmm2fxa.dll COM Object Instantiation Memory Corruption CLSID 3 Access Attempt; [1,2
7,8932015/01/20 2010263  ET ACTIVEX Wmm2fxa.dll COM Object Instantiation Memory Corruption CLSID 2 Access Attempt; [1,2
7,8922015/01/20 2010262  ET DELETED WindowsEnterpriseSuite FakeAV Dynamic User-Agent; [1,2
7,8912015/01/20 2010261  ET TROJAN WindowsEnterpriseSuite FakeAV User-Agent TALWinHttpClient; [1,2
7,8902015/01/20 2010260  ET WEB_SPECIFIC_APPS Joomla AjaxChat Component ajcuser.php GLOBALS Parameter Remote File Inclusion Attempt; [1,2,3
7,8892015/01/20 2010259  ET WEB_SPECIFIC_APPS DvBBS boardrule.php groupboardid Parameter SQL Injection; [1
7,8882015/01/20 2010258  ET ACTIVEX Installshiled 2009 premier ActiveX File Overwrite clsid Access; [1,2
7,8872015/01/20 2010257  ET ACTIVEX Installshiled 2009 premier ActiveX File Overwrite Function Call; [1,2
7,8862015/01/20 2010256  ET ACTIVEX Adobe Shockwave Player ActiveX Control Buffer Overflow clsid access; [1,2
7,8852015/01/20 2010255  ET WEB_SPECIFIC_APPS Ve-EDIT debug_php.php _GET Parameter Local File Inclusion; [1,2
7,8842015/01/20 2010254  ET WEB_SPECIFIC_APPS Ve-EDIT edit_htmlarea.php highlighter Parameter Remote File Inclusion; [1,2
7,8832015/01/20 2010253  ET ACTIVEX EasyMail Quicksoft ActiveX Control Remote code excution clsid access attempt; [1,2
7,8822015/01/20 2010252  ET WEB_SPECIFIC_APPS Datalife Engine api.class.php dle_config_api Parameter Remote File Inclusion; [1,2,3
7,8812015/01/20 2010248  ET TROJAN Eleonore Exploit Pack activity; [1,2
7,8802015/01/20 2010247  ET TROJAN WindowsEnterpriseSuite FakeAV Reporting via POST; [1,2
7,8792015/01/20 2010246  ET TROJAN WindowsEnterpriseSuite FakeAV Reporting via POST initial check-in; [1,2
7,8782015/01/20 2010245  ET ACTIVEX Multiple Altiris Products AeXNSConsoleUtilities.dll ActiveX Control BrowseAndSaveFile Method Buffer Overflow Attempt Function Call; [1,2,3,4,5
7,8772015/01/20 2010244  ET TROJAN Obitel Downloader Request; [1,2,3
7,8762015/01/20 2010243  ET DELETED Agent.END; [1
7,8752015/01/20 2010242  ET TROJAN WindowsEnterpriseSuite FakeAV get_product_domains.php; [1,2
7,8742015/01/20 2010241  ET TROJAN WindowsEnterpriseSuite FakeAV check-in GET; [1,2
7,8732015/01/20 2010240  ET TROJAN WindowsEnterpriseSuite FakeAV check-in HEAD; [1,2
7,8722015/01/20 2010239  ET DELETED FakeAlert/FraudPack/FakeAV/Guzz/Dload/Vobfus/ZPack HTTP Post 6; [1,2,3,4,5
7,8712015/01/20 2010238  ET DELETED FakeAlert/FraudPack/FakeAV/Guzz/Dload/Vobfus/ZPack HTTP Post 5; [1,2,3,4
7,8702015/01/20 2010237  ET DELETED FakeAlert/FraudPack/FakeAV/Guzz/Dload/Vobfus/ZPack HTTP Post 4; [1,2,3
7,8692015/01/20 2010236  ET DELETED FakeAlert/FraudPack/FakeAV/Guzz/Dload/Vobfus/ZPack HTTP Post 3; [1,2,3,4
7,8682015/01/20 2010235  ET DELETED FakeAlert/FraudPack/FakeAV/Guzz/Dload/Vobfus/ZPack HTTP Post 2; [1,2,3,4
7,8672015/01/20 2010234  ET DELETED FakeAlert/FraudPack/FakeAV/Guzz/Dload/Vobfus/ZPack HTTP Post 1; [1,2,3,4
7,8662015/01/20 2010233  ET DELETED FakeAlert/FraudPack/FakeAV/Guzz/Dload/Vobfus/ZPack Encrypted GIF download 3; [1,2,3,4
7,8652015/01/20 2010232  ET DELETED FakeAlert/FraudPack/FakeAV/Guzz/Dload/Vobfus/ZPack Encrypted GIF download 2; [1,2,3,4,5
7,8642015/01/20 2010231  ET DELETED FakeAlert/FraudPack/FakeAV/Guzz/Dload/Vobfus/ZPack Encrypted GIF download 1; [1,2,3,4
7,8632015/01/20 2010230  ET TROJAN W32.Koblu; [1
7,8622015/01/20 2010229  ET WEB_SERVER Possible Cherokee Web Server GET AUX Request Denial Of Service Attempt; [1,2,3,4
< 381  382  383  384  385  386  387  388  389  390 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.