시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
11,4612015/01/20 2014233  ET POLICY ASafaWeb Scan User-Agent (asafaweb.com); [1
11,4602015/01/20 2014232  ET TROJAN UPDATE Protocol Trojan Communication detected on http ports 2;  
11,4592015/01/20 2014231  ET TROJAN UPDATE Protocol Trojan Communication detected on non-http ports 2;  
11,4582015/01/20 2014230  ET TROJAN Karagany/Kazy Obfuscated Payload Download; [1,2
11,4572015/01/20 2014229  ET TROJAN NfLog Checkin; [1
11,4562015/01/20 2014228  ET TROJAN Backdoor Win32.Idicaf/Atraps; [1
11,4552015/01/20 2014227  ET TROJAN BB Trojan Communication Protocol detected; [1
11,4542015/01/20 2014226  ET TROJAN IP2B Trojan Communication Protocol detected; [1
11,4532015/01/20 2014225  ET TROJAN LURK Trojan Communication Protocol detected; [1
11,4522015/01/20 2014224  ET TROJAN UPDATE Protocol Trojan Communication detected on non-http ports; [1
11,4512015/01/20 2014223  ET TROJAN UPDATE Protocol Trojan Communication detected on http ports; [1
11,4502015/01/20 2014222  ET TROJAN QDIGIT Trojan Protocol detected; [1
11,4492015/01/20 2014221  ET DELETED Unknown HTTP CnC Checkin;  
11,4482015/01/20 2014220  ET DELETED TDS Sutra Exploit Kit Redirect Received;  
11,4472015/01/20 2014219  ET TROJAN TSPY_SPCESEND.A Checkin; [1
11,4462015/01/20 2014218  ET TROJAN Zeus POST Request to CnC sk1 and bn1 post parameters;  
11,4452015/01/20 2014217  ET TROJAN Delf/Troxen/Zema controller delivering clickfraud instructions;  
11,4442015/01/20 2014216  ET TROJAN Delf/Troxen/Zema controller responding to client;  
11,4432015/01/20 2014215  ET MOBILE_MALWARE Android/Plankton.P Commands Request to CnC Server; [1
11,4422015/01/20 2014214  ET DELETED MSUpdater post-auth checkin; [1,2
11,4412015/01/20 2014213  ET TROJAN MSUpdater Connectivity Check to Google; [1,2
11,4402015/01/20 2014212  ET TROJAN MSUpdater POST checkin to CnC; [1,2
11,4392015/01/20 2014211  ET TROJAN MSUpdater alt checkin to CnC; [1,2
11,4382015/01/20 2014210  ET TROJAN Sykipot SSL Certificate subject emailAddress detected; [1
11,4372015/01/20 2014209  ET TROJAN Sykipot SSL Certificate serial number detected; [1
11,4362015/01/20 2014208  ET TROJAN TLD4 Purple Haze Variant Initial CnC Request for Ad Servers; [1
11,4352015/01/20 2014207  ET WEB_CLIENT Likely MS12-004 midiOutPlayNextPolyEvent Heap Overflow Midi Filename Requested baby.mid;  
11,4342015/01/20 2014206  ET CURRENT_EVENTS CutePack Exploit Kit Landing Page Detected; [1
11,4332015/01/20 2014205  ET CURRENT_EVENTS CUTE-IE.html CutePack Exploit Kit Iframe for Landing Page Detected; [1
11,4322015/01/20 2014204  ET CURRENT_EVENTS CutePack Exploit Kit JavaScript Variable Detected; [1
11,4312015/01/20 2014203  ET CURRENT_EVENTS CUTE-IE.html CutePack Exploit Kit Landing Page Request; [1
11,4302015/01/20 2014202  ET POLICY File Being Uploaded to SendSpace File Hosting Site;  
11,4292015/01/20 2014201  ET POLICY Outbound HTTP Connection From Cisco IOS Device;  
11,4282015/01/20 2014200  ET TROJAN Dapato/Cleaman Checkin; [1
11,4272015/01/20 2014199  ET CURRENT_EVENTS Exploit Kit Exploiting IEPeers; [1
11,4262015/01/20 2014198  ET TROJAN ZeuS - ICE-IX cid= in cookie;  
11,4252015/01/20 2014197  ET CURRENT_EVENTS Yang Pack Exploit Kit Landing Page Known JavaScript Function Detected; [1
11,4242015/01/20 2014196  ET DELETED Blackhole Java Exploit request to /content/rin.jar;  
11,4232015/01/20 2014195  ET CURRENT_EVENTS Blackhole Acrobat 8/9.3 PDF exploit download request 5;  
11,4222015/01/20 2014194  ET DELETED Blackhole Exploit Kit JavaScript colon string splitting;  
11,4212015/01/20 2014193  ET TROJAN W32/VPEYE Trojan Downloader User-Agent (VP-EYE Downloader);  
11,4202015/01/20 2014192  ET MALWARE W32/MediaGet Checkin;  
11,4192015/01/20 2014191  ET TROJAN W32/118GotYourNo Reporting to CnC;  
11,4182015/01/20 2014190  ET MALWARE W32/OpenTrio User-Agent (Open3);  
11,4172015/01/20 2014189  ET DELETED Likely Blackhole Exploit Kit Driveby ?id Download Secondary Request;  
11,4162015/01/20 2014188  ET WEB_SPECIFIC_APPS IBBY nouvelles.php id Parameter UPDATE SET SQL Injection Attempt; [1
11,4152015/01/20 2014187  ET WEB_SPECIFIC_APPS IBBY nouvelles.php id Parameter INSERT INTO SQL Injection Attempt; [1
11,4142015/01/20 2014186  ET WEB_SPECIFIC_APPS IBBY nouvelles.php id Parameter UNION SELECT SQL Injection Attempt; [1
11,4132015/01/20 2014185  ET WEB_SPECIFIC_APPS IBBY nouvelles.php id Parameter DELETE FROM SQL Injection Attempt; [1
11,4122015/01/20 2014184  ET WEB_SPECIFIC_APPS IBBY nouvelles.php id Parameter SELECT FROM SQL Injection Attempt; [1
< 311  312  313  314  315  316  317  318  319  320 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.