시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
15,0112015/01/20 2017914  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 8; [1,2
15,0102015/01/20 2017913  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 7; [1,2
15,0092015/01/20 2017912  ET MALWARE W32/InstallRex.Adware Report CnC Beacon;  
15,0082015/01/20 2017911  ET MALWARE W32/InstallRex.Adware Initial CnC Beacon;  
15,0072015/01/20 2017910  ET INFO suspicious - gzipped file via JAVA - could be pack200-ed JAR;  
15,0062015/01/20 2017909  ET INFO suspicious - uncompressed pack200-ed JAR;  
15,0052015/01/20 2017908  ET CURRENT_EVENTS GoonEK encrypted binary (1);  
15,0042015/01/20 2017907  ET CURRENT_EVENTS GoonEK Landing with CVE-2013-2551 Dec 29 2013;  
15,0032015/01/20 2017906  ET CURRENT_EVENTS TDS Unknown_.aso - URI - IP.aso;  
15,0022015/01/20 2017905  ET CURRENT_EVENTS SofosFO/GrandSoft PDF;  
15,0012015/01/20 2017904  ET CURRENT_EVENTS Possible Angler EK Flash Exploit Dec 26 2013;  
15,0002015/01/20 2017903  ET TROJAN Win32/Urausy.C Checkin 4;  
14,9992015/01/20 2017902  ET CURRENT_EVENTS Angler EK Possible Flash/IE Payload Dec 24 2013;  
14,9982015/01/20 2017901  ET CURRENT_EVENTS Possible Angler EK Flash Exploit Dec 24 2013;  
14,9972015/01/20 2017900  ET CURRENT_EVENTS Metasploit 2013-3346;  
14,9962015/01/20 2017899  ET CURRENT_EVENTS Possible PDF Dictionary Entry with Hex/Ascii replacement;  
14,9952015/01/20 2017898  ET EXPLOIT Metasploit Plugin-Detect Posting Data 3; [1
14,9942015/01/20 2017897  ET EXPLOIT Metasploit Plugin-Detect Posting Data 2; [1
14,9932015/01/20 2017896  ET EXPLOIT Metasploit Plugin-Detect Posting Data 1; [1
14,9922015/01/20 2017895  ET TROJAN Kuluoz/Asprox Activity; [1,2
14,9912015/01/20 2017894  ET CURRENT_EVENTS DotkaChef Payload Dec 20 2013; [1
14,9902015/01/20 2017893  ET CURRENT_EVENTS DotkaChef Landing URI Struct; [1
14,9892015/01/20 2017892  ET MALWARE GMUnpackerInstaller.A Checkin;  
14,9882015/01/20 2017891  ET TROJAN W32/GMUnpacker.Downloader Download Instructions Response From CnC;  
14,9872015/01/20 2017890  ET INFO SUSPICIOUS SMTP EXE - RAR file with .scr filename inside;  
14,9862015/01/20 2017889  ET INFO SUSPICIOUS SMTP EXE - ZIP file with .scr filename inside;  
14,9852015/01/20 2017888  ET INFO SUSPICIOUS SMTP EXE - RAR file with .com filename inside;  
14,9842015/01/20 2017887  ET INFO SUSPICIOUS SMTP EXE - ZIP file with .com filename inside;  
14,9832015/01/20 2017886  ET INFO SUSPICIOUS SMTP EXE - EXE SMTP Attachment;  
14,9822015/01/20 2017885  ET INFO SUSPICIOUS SMTP EXE - RAR file with .exe filename inside;  
14,9812015/01/20 2017884  ET INFO SUSPICIOUS SMTP EXE - ZIP file with .exe filename inside (Inbound);  
14,9802015/01/20 2017883  ET DELETED W32/Ferret DDOS Bot CnC Beacon; [1
14,9792015/01/20 2017882  ET WEB_SERVER Apache Solr Arbitrary XSLT inclusion attack; [1
14,9782015/01/20 2017881  ET MALWARE W32/Linkular.Adware Icons.dat Second Stage Download;  
14,9772015/01/20 2017880  ET MALWARE W32/Linkular.Adware Successful Install Beacon;  
14,9762015/01/20 2017879  ET POLICY W32/BitCoinMiner.MultiThreat Getblocktemplate Protocol Server Coinbasetxn Begin Mining Response; [1
14,9752015/01/20 2017878  ET POLICY W32/BitCoinMiner.MultiThreat Getblocktemplate Protocol Server Connection; [1
14,9742015/01/20 2017877  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 6; [1,2
14,9732015/01/20 2017876  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 5; [1,2
14,9722015/01/20 2017875  ET WEB_SERVER Coldfusion cfcexplorer Directory Traversal; [1
14,9712015/01/20 2017874  ET CURRENT_EVENTS W32/BitCoinMiner Fake Flash Player Distribution Campaign - December 2013; [1,2
14,9702015/01/20 2017873  ET POLICY W32/BitCoinMiner.MultiThreat Stratum Protocol Mining.Notify Work Server Response; [1,2,3
14,9692015/01/20 2017872  ET POLICY W32/BitCoinMiner.MultiThreat Stratum Protocol Mining.Notify Initial Connection Server Response; [1,2,3
14,9682015/01/20 2017871  ET POLICY W32/BitCoinMiner.MultiThreat Subscribe/Authorize Stratum Protocol Message; [1,2,3
14,9672015/01/20 2017870  ET TROJAN W32/Liftoh.Downloader Get Final Payload Request; [1
14,9662015/01/20 2017869  ET TROJAN W32/Liftoh.Downloader Final.html Payload Request; [1
14,9652015/01/20 2017868  ET TROJAN W32/Liftoh.Downloader Images CnC Beacon; [1
14,9642015/01/20 2017867  ET TROJAN W32/Liftoh.Downloader Feed404 CnC Beacon; [1
14,9632015/01/20 2017866  ET CURRENT_EVENTS CrimePack Jar 2 Dec 16 2013;  
14,9622015/01/20 2017865  ET CURRENT_EVENTS CrimePack Jar 1 Dec 16 2013;  
< 241  242  243  244  245  246  247  248  249  250 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.