Signature List
No.  Date  ID  Signature (Total Ruleset: 27,111)
14,811  2015/01/20  2017712  ET EXPLOIT Microsoft Outlook/Crypto API X.509 oid id-pe-authorityInfoAccessSyntax design bug allow blind HTTP requests attempt; [1,2
14,810  2015/01/20  2017711  ET CURRENT_EVENTS Possible Fake Codec Download;
14,809  2015/01/20  2017710  ET TROJAN Bamital checkin;
14,808  2015/01/20  2017709  ET WEB_CLIENT Possible IE 0day CVE-2013-3918 4; [1
14,807  2015/01/20  2017708  ET WEB_CLIENT Possible IE 0day CVE-2013-3918 3; [1
14,806  2015/01/20  2017707  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 4; [1,2
14,805  2015/01/20  2017706  ET CURRENT_EVENTS Possible Sweet Orange IE Payload Request;
14,804  2015/01/20  2017705  ET WEB_CLIENT Possible IE 0day CVE-2013-3918 2; [1
14,803  2015/01/20  2017704  ET WEB_CLIENT Possible IE 0day CVE-2013-3918 1; [1
14,802  2015/01/20  2017703  ET CURRENT_EVENTS Angler EK Possible Flash/IE Payload;
14,801  2015/01/20  2017702  ET TROJAN Possible Trojan.APT.9002 POST; [1
14,800  2015/01/20  2017701  ET CURRENT_EVENTS webr00t WebShell Access; [1
14,799  2015/01/20  2017700  ET TROJAN Possible Stitur Secondary Download;
14,798  2015/01/20  2017699  ET CURRENT_EVENTS Grandsoft/SofosFO EK PDF URI Struct;
14,797  2015/01/20  2017698  ET CURRENT_EVENTS Magnitude Landing Nov 11 2013;
14,796  2015/01/20  2017697  ET TROJAN FaceBook IM & Web Driven Facebook Trojan Posting Data; [1
14,795  2015/01/20  2017696  ET CURRENT_EVENTS FaceBook IM & Web Driven Facebook Trojan Download; [1
14,794  2015/01/20  2017695  ET CURRENT_EVENTS Possible Angler EK Flash Exploit;
14,793  2015/01/20  2017694  ET CURRENT_EVENTS Possible Magnitude IE EK Payload Nov 8 2013;
14,792  2015/01/20  2017693  ET CURRENT_EVENTS Styx iframe with obfuscated CVE-2013-2551;
14,791  2015/01/20  2017691  ET TROJAN W32/Citadel.Arx Varient CnC Beacon 2; [1,2
14,790  2015/01/20  2017690  ET TROJAN W32/Citadel.Arx Variant CnC Beacon 1; [1,2
14,789  2015/01/20  2017689  ET TROJAN Possible Schneebly Posting ScreenShot; [1
14,788  2015/01/20  2017688  ET WEB_SERVER Possible SUPERMICRO IPMI url_redirect.cgi Directory Traversal Attempt; [1
14,787  2015/01/20  2017687  ET WEB_SERVER Possible SUPERMICRO IPMI close_window.cgi ACT Parameter Buffer Overflow Attempt CVE-2013-3623; [1
14,786  2015/01/20  2017686  ET WEB_SERVER Possible SUPERMICRO IPMI close_window.cgi sess_sid Parameter Buffer Overflow Attempt CVE-2013-3623; [1
14,785  2015/01/20  2017685  ET WEB_SERVER Possible SUPERMICRO IPMI login.cgi PWD Parameter Buffer Overflow Attempt CVE-2013-3621; [1
14,784  2015/01/20  2017684  ET WEB_SERVER Possible SUPERMICRO IPMI login.cgi Name Parameter Buffer Overflow Attempt CVE-2013-3621; [1
14,783  2015/01/20  2017683  ET CURRENT_EVENTS SUSPICIOUS winhosts.exe in URI Probable Process Dump/Trojan Download; [1
14,782  2015/01/20  2017682  ET CURRENT_EVENTS SUSPICIOUS mssrs.exe in URI Probable Process Dump/Trojan Download; [1
14,781  2015/01/20  2017681  ET CURRENT_EVENTS SUSPICIOUS alg.exe in URI Probable Process Dump/Trojan Download; [1
14,780  2015/01/20  2017680  ET CURRENT_EVENTS SUSPICIOUS waulct.exe in URI Probable Process Dump/Trojan Download; [1
14,779  2015/01/20  2017679  ET CURRENT_EVENTS SUSPICIOUS winlog.exe in URI Probable Process Dump/Trojan Download; [1
14,778  2015/01/20  2017678  ET DELETED SUSPICIOUS lgfxsrvc.exe in URI Probable Process Dump/Trojan Download;
14,777  2015/01/20  2017677  ET CURRENT_EVENTS SUSPICIOUS wimhost.exe in URI Probable Process Dump/Trojan Download; [1
14,776  2015/01/20  2017676  ET CURRENT_EVENTS SUSPICIOUS lgfxsrvc.exe in URI Probable Process Dump/Trojan Download;
14,775  2015/01/20  2017675  ET CURRENT_EVENTS SUSPICIOUS connhost.exe in URI Probable Process Dump/Trojan Download; [1
14,774  2015/01/20  2017674  ET CURRENT_EVENTS SUSPICIOUS wsqmocn.exe in URI Probable Process Dump/Trojan Download; [1
14,773  2015/01/20  2017673  ET CURRENT_EVENTS SUSPICIOUS taskmgr.exe in URI Probable Process Dump/Trojan Download; [1
14,772  2015/01/20  2017672  ET CURRENT_EVENTS SUSPICIOUS msctcd.exe in URI Probable Process Dump/Trojan Download; [1
14,771  2015/01/20  2017671  ET CURRENT_EVENTS Possible CVE-2013-3906 CnC Checkin; [1
14,770  2015/01/20  2017670  ET CURRENT_EVENTS SUSPICIOUS Word DOCX with Many ActiveX Objects and Media; [1
14,769  2015/01/20  2017669  ET INFO Zip File;
14,768  2015/01/20  2017668  ET TROJAN Possible Backdoor.Adwind Download; [1
14,767  2015/01/20  2017667  ET CURRENT_EVENTS Nuclear EK Payload URI Struct Nov 05 2013;
14,766  2015/01/20  2017666  ET CURRENT_EVENTS Nuclear EK JAR URI Struct Nov 05 2013;
14,765  2015/01/20  2017665  ET CURRENT_EVENTS Fredcot campaign IRC CnC; [1
14,764  2015/01/20  2017664  ET CURRENT_EVENTS Fredcot campaign payload download; [1
14,763  2015/01/20  2017663  ET CURRENT_EVENTS Fredcot campaign php5-cgi initial exploit; [1
14,762  2015/01/20  2017662  ET TROJAN Known Sinkhole Response Header;
GigaVPN & GigaIPS are based on MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.