Signature List
No.  Date  ID  Signature (Total Ruleset: 27,111)
14,161  2015/01/20  2017038  ET CURRENT_EVENTS RedKit Jar Download June 20 2013
14,160  2015/01/20  2017037  ET CURRENT_EVENTS Javadoc API Redirect CVE-2013-1571
14,159  2015/01/20  2017036  ET TROJAN Activity related to APT.Seinup Checkin 1
14,158  2015/01/20  2017035  ET CURRENT_EVENTS Malicious Redirect June 18 2013
14,157  2015/01/20  2017034  ET CURRENT_EVENTS NailedPack EK Landing June 18 2013
14,156  2015/01/20  2017032  ET CURRENT_EVENTS MALVERTISING Flash - URI - /loading?vkn=
14,155  2015/01/20  2017031  ET CURRENT_EVENTS Unknown_InIFRAME - In Referer
14,154  2015/01/20  2017030  ET CURRENT_EVENTS Unknown_InIFRAME - Redirect to /iniframe/ URI
14,153  2015/01/20  2017029  ET CURRENT_EVENTS Unknown_InIFRAME - URI Structure
14,152  2015/01/20  2017028  ET CURRENT_EVENTS MALVERTISING Unknown_InIFRAME - RedTDS URI Structure
14,151  2015/01/20  2017027  ET TROJAN Unknown Webserver Backdoor Domain (google-analytcs)
14,150  2015/01/20  2017026  ET TROJAN Unknown Webserver Backdoor
14,149  2015/01/20  2017025  ET ATTACK_RESPONSE Net User Command Response
14,148  2015/01/20  2017024  ET CURRENT_EVENTS CritX/SafePack/FlashPack URI Format June 17 2013 3
14,147  2015/01/20  2017023  ET CURRENT_EVENTS CritX/SafePack/FlashPack URI Format June 17 2013 2
14,146  2015/01/20  2017022  ET CURRENT_EVENTS CritX/SafePack/FlashPack URI Format June 17 2013 1
14,145  2015/01/20  2017021  ET TROJAN TripleNine RAT Checkin
14,144  2015/01/20  2017020  ET CURRENT_EVENTS Dotka Chef EK exploit/payload URI request
14,143  2015/01/20  2017019  ET CURRENT_EVENTS Dotka Chef EK .cache request
14,142  2015/01/20  2017018  ET CURRENT_EVENTS Unknown EK Jar 3 June 12 2013
14,141  2015/01/20  2017017  ET CURRENT_EVENTS Unknown EK Jar 2 June 12 2013
14,140  2015/01/20  2017016  ET CURRENT_EVENTS Unknown EK Jar 1 June 12 2013
14,139  2015/01/20  2017015  ET POLICY DropBox User Content Access over SSL
14,138  2015/01/20  2017014  ET CURRENT_EVENTS Unknown EK Landing (Payload Downloaded Via Dropbox)
14,137  2015/01/20  2017013  ET CURRENT_EVENTS Possible 2012-1533 altjvm RCE via JNLP command injection
14,136  2015/01/20  2017012  ET CURRENT_EVENTS Possible 2012-1533 altjvm (jvm.dll) Requested Over WeBDAV
14,135  2015/01/20  2017011  ET CURRENT_EVENTS Glazunov EK Downloading Jar
14,134  2015/01/20  2017010  ET WEB_SERVER Possible SQLi xp_cmdshell POST body
14,133  2015/01/20  2017009  ET TROJAN KimJongRAT cnc exe pull
14,132  2015/01/20  2017008  ET EXPLOIT CVE-2013-1331 Microsoft Office PNG Exploit Specific
14,131  2015/01/20  2017007  ET EXPLOIT CVE-2013-1331 Microsoft Office PNG Exploit plugin-detect script access
14,130  2015/01/20  2017006  ET EXPLOIT CVE-2013-1331 Microsoft Office PNG Exploit plugin-detect script access
14,129  2015/01/20  2017005  ET CURRENT_EVENTS Possible Microsoft Office PNG overflow attempt invalid tEXt chunk length
14,128  2015/01/20  2017004  ET TROJAN Win32/Tobfy.S
14,127  2015/01/20  2017003  ET CURRENT_EVENTS Kuluoz.B Spam Campaign Shipment_Label.exe in Zip
14,126  2015/01/20  2017002  ET CURRENT_EVENTS Kuluoz.B Shipping Label Spam Campaign
14,125  2015/01/20  2017001  ET TROJAN Connection to a cert.pl Sinkhole IP (Possible Infected Host)
14,124  2015/01/20  2017000  ET TROJAN Connection to unallocated address space 1.1.1.0/24
14,123  2015/01/20  2016999  ET TROJAN Connection to Microsoft Sinkhole IP (Possbile Infected Host)
14,122  2015/01/20  2016998  ET TROJAN Connection to Fitsec Sinkhole IP (Possible Infected Host)
14,121  2015/01/20  2016997  ET TROJAN Connection to Dr Web Sinkhole IP(Possible Infected Host)
14,120  2015/01/20  2016996  ET TROJAN Connection to Zinkhole Sinkhole IP (Possible Infected Host)
14,119  2015/01/20  2016995  ET TROJAN Connection to 1&1 Sinkhole IP (Possible Infected Host)
14,118  2015/01/20  2016994  ET TROJAN Connection to Georgia Tech Sinkhole IP (Possible Infected Host)
14,117  2015/01/20  2016993  ET TROJAN Connection to AnubisNetworks Sinkhole IP (Possible Infected Host)
14,116  2015/01/20  2016992  ET WEB_SERVER WebShell Generic - *.tar.gz in POST body
14,115  2015/01/20  2016991  ET TROJAN Alina Server Response Code
14,114  2015/01/20  2016990  ET TROJAN KeyBoy Backdoor File Upload Response Header
14,113  2015/01/20  2016989  ET TROJAN KeyBoy Backdoor File Download Response Header
14,112  2015/01/20  2016988  ET TROJAN KeyBoy Backdoor File Manager Response Header
GigaVPN & GigaIPS are based on MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.