시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
5,9612015/01/20 2008027  ET TROJAN Turkojan C&C Browse Drive Command (BROWSC); [1
5,9602015/01/20 2008026  ET TROJAN Turkojan C&C Keepalive (BAGLANTI); [1
5,9592015/01/20 2008025  ET TROJAN Turkojan C&C Logs Parse Response Response (LOGS1); [1
5,9582015/01/20 2008024  ET TROJAN Turkojan C&C Logs Parse Command (LOGS1); [1
5,9572015/01/20 2008023  ET TROJAN Turkojan C&C Info Command Response (MINFO); [1
5,9562015/01/20 2008022  ET TROJAN Turkojan C&C Info Command (MINFO); [1
5,9552015/01/20 2008021  ET TROJAN Turkojan C&C Initial Checkin (ams); [1
5,9542015/01/20 2008020  ET WORM Win32.Socks.s HTTP Post Checkin; [1
5,9532015/01/20 2008019  ET TROJAN Suspicious User-Agent - Possible Trojan Downloader (https); [1
5,9522015/01/20 2008017  ET TROJAN Philis.J ICMP Sweep (Payload Hello,World); [1,2
5,9512015/01/20 2008016  ET MALWARE Servicepack.kr Fake Patch Software Checkin; [1
5,9502015/01/20 2008015  ET MALWARE User-Agent (Win95); [1
5,9492015/01/20 2008013  ET MALWARE User-Agent (Internet); [1
5,9482015/01/20 2008012  ET TROJAN Winquickupdates.com/Mycashloads.com Related Trojan Install Report; [1
5,9472015/01/20 2008010  ET TROJAN Delf CnC Channel Keepalive Ping; [1
5,9462015/01/20 2008009  ET TROJAN Delf CnC Channel Keepalive Pong; [1
5,9452015/01/20 2008008  ET DELETED Delf CnC Channel Checkin Replies; [1
5,9442015/01/20 2008007  ET DELETED Delf CnC Channel Packet 1 reply; [1
5,9432015/01/20 2008006  ET DELETED Delf CnC Channel Packet 1; [1
5,9422015/01/20 2008005  ET TROJAN Backdoor.Win32.VB.cfi (related) System Info Upload via FTP; [1
5,9412015/01/20 2008004  ET TROJAN Win32.Agent.cyt (Or variant) HTTP POST Checkin (2); [1
5,9402015/01/20 2008003  ET TROJAN Win32.Agent.cyt (Or variant) HTTP POST Checkin; [1
5,9392015/01/20 2008000  ET MALWARE Easydownloadsoft.com Fake Anti-Virus User-Agent (IM Downloader); [1
5,9382015/01/20 2007999  ET TROJAN Banker Trojan (General) HTTP Checkin (vit); [1
5,9372015/01/20 2007998  ET ACTIVEX Rediff Bol Downloader ActiveX Control Remote Code Execution; [1,2
5,9362015/01/20 2007996  ET MALWARE Sears.com/Kmart.com My SHC Community spyware download; [1,2,3
5,9352015/01/20 2007995  ET MALWARE Vaccine-program.co.kr Related Spyware Checkin; [1
5,9342015/01/20 2007994  ET MALWARE Suspicious User-Agent (1 space); [1
5,9332015/01/20 2007993  ET MALWARE User-Agent (2 spaces); [1
5,9322015/01/20 2007992  ET TROJAN Shark Pass Stealer Email Report; [1
5,9312015/01/20 2007991  ET MALWARE User-Agent (Unknown); [1
5,9302015/01/20 2007990  ET TROJAN Vundo HTTP Post-Install Checkin; [1
5,9292015/01/20 2007989  ET TROJAN Vundo HTTP Pre-Install Checkin; [1
5,9282015/01/20 2007987  ET TROJAN Dropper.Win32.VB.on Keylog/System Info Report via HTTP; [1
5,9272015/01/20 2007986  ET TROJAN Emogen Reporting via HTTP; [1
5,9262015/01/20 2007984  ET TROJAN Banker Trojan (General) HTTP Checkin; [1
5,9252015/01/20 2007982  ET TROJAN Backdoor.Win32.VB.brg C&C DDoS Outbound; [1
5,9242015/01/20 2007981  ET TROJAN Backdoor.Win32.VB.brg C&C Kill Command Acknowledge; [1
5,9232015/01/20 2007980  ET TROJAN Backdoor.Win32.VB.brg C&C Kill Command Send; [1
5,9222015/01/20 2007979  ET TROJAN Backdoor.Win32.VB.brg C&C Reporting Version; [1
5,9212015/01/20 2007978  ET MALWARE Direct-web.co.kr Related Spyware Checkin; [1
5,9202015/01/20 2007977  ET MALWARE Dokterfix.com Fake AV User-Agent (Magic NetInstaller); [1
5,9192015/01/20 2007975  ET DELETED Common Downloader Trojan Checkin; [1
5,9182015/01/20 2007974  ET TROJAN Perfect Keylogger FTP Log Upload; [1
5,9172015/01/20 2007973  ET TROJAN Perfect Keylogger FTP Initial Install Log Upload; [1
5,9162015/01/20 2007972  ET POLICY SSN Detected in Clear Text (SSN# ); [1
5,9152015/01/20 2007971  ET POLICY SSN Detected in Clear Text (SSN ); [1
5,9142015/01/20 2007970  ET DELETED Vipdataend C&C Traffic - Checkin (XY); [1
5,9132015/01/20 2007968  ET TROJAN Universal1337 Email Upload of Compromised Data; [1,2
5,9122015/01/20 2007967  ET TROJAN Universal1337 FTP Upload of Compromised Data; [1,2
< 421  422  423  424  425  426  427  428  429  430 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.