시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
11,0612015/01/20 2013823  ET INFO DYNAMIC_DNS Query to a Suspicious *.myftp.biz Domain;  
11,0602015/01/20 2013822  ET DELETED Trojan.Kryptik/proscan.co.kr Checkin 2; [1
11,0592015/01/20 2013821  ET TROJAN Trojan.Kryptik/proscan.co.kr Checkin; [1
11,0582015/01/20 2013819  ET TROJAN Tatanga/Win32.Kexject.A Checkin; [1
11,0572015/01/20 2013818  ET WEB_SPECIFIC_APPS WHMCompleteSolution templatefile Parameter Local File Inclusion Attempt; [1
11,0562015/01/20 2013817  ET WEB_SPECIFIC_APPS Wordpress Easy Stats plugin homep Parameter Remote File inclusion Attempt; [1,2
11,0552015/01/20 2013816  ET WEB_SPECIFIC_APPS Joomla YJ Contact Local File Inclusion Vulnerability; [1
11,0542015/01/20 2013815  ET WEB_SPECIFIC_APPS PHool mainnav Parameter Remote File inclusion Attempt; [1
11,0532015/01/20 2013814  ET ACTIVEX Oracle AutoVue Activex Insecure method (ExportEdaBom) Format String Function Call; [1
11,0522015/01/20 2013813  ET ACTIVEX Oracle AutoVue Activex Insecure method (ExportEdaBom); [1
11,0512015/01/20 2013812  ET ACTIVEX Oracle AutoVue Activex Insecure method (Export3DBom) Format String Function Call; [1
11,0502015/01/20 2013811  ET ACTIVEX Oracle AutoVue Activex Insecure method (Export3DBom); [1
11,0492015/01/20 2013810  ET ACTIVEX Oracle AutoVue Activex Insecure method (SaveViewStateToFile) Format String Function Call; [1
11,0482015/01/20 2013809  ET ACTIVEX Oracle AutoVue Activex Insecure method (SaveViewStateToFile); [1
11,0472015/01/20 2013808  ET TROJAN Dooptroop Dropper Checkin;  
11,0462015/01/20 2013807  ET TROJAN Jorik FakeAV GET;  
11,0452015/01/20 2013806  ET CURRENT_EVENTS Suspicious Self Signed SSL Certificate with admin@common Possible SSL CnC;  
11,0442015/01/20 2013805  ET CURRENT_EVENTS Suspicious Self Signed SSL Certificate CN of common Possible SSL CnC;  
11,0432015/01/20 2013804  ET DELETED Possible Redirection to Unknown Exploit Pack; [1
11,0422015/01/20 2013803  ET DELETED Unknown checkin;  
11,0412015/01/20 2013802  ET TROJAN Cycbot POST; [1,2
11,0402015/01/20 2013801  ET POLICY Incoming Chromoting Session; [1
11,0392015/01/20 2013800  ET POLICY OutGoing Chromoting Session; [1
11,0382015/01/20 2013799  ET TROJAN Win32.Trojan.SuspectCRC FakeAV Checkin; [1
11,0372015/01/20 2013798  ET TROJAN Win32.PEx.Delphi.1151005043 Post-infection Checkin; [1,2
11,0362015/01/20 2013797  ET MALWARE Win32/Adware.Winggo.AB Checkin; [1,2
11,0352015/01/20 2013796  ET DELETED W32/Bifrose Second Stage Obfuscated Binary Download Claiming to Be JPEG;  
11,0342015/01/20 2013795  ET TROJAN Bifrose/Cycbot Checkin;  
11,0332015/01/20 2013794  ET TROJAN Dropper.Win32.Npkon Server Responce; [1
11,0322015/01/20 2013793  ET TROJAN Dropper.Win32.Npkon Client Checkin; [1
11,0312015/01/20 2013792  ET SCAN Apache mod_proxy Reverse Proxy Exposure 2; [1,2
11,0302015/01/20 2013791  ET SCAN Apache mod_proxy Reverse Proxy Exposure 1; [1,2
11,0292015/01/20 2013790  ET TROJAN Cnzz.cn Related Dropper Checkin;  
11,0282015/01/20 2013789  ET DELETED Win32.PEx.C.91139756616/Win32.Zwangi-BU Checkin; [1,2
11,0272015/01/20 2013788  ET CURRENT_EVENTS Likely Blackhole Exploit Kit Driveby ?doit Download Secondary Request;  
11,0262015/01/20 2013787  ET CURRENT_EVENTS Blackhole Acrobat 1-7 PDF exploit download request 2;  
11,0252015/01/20 2013786  ET CURRENT_EVENTS Blackhole Acrobat 8/9.3 PDF exploit download request 2;  
11,0242015/01/20 2013785  ET TROJAN Zentom FakeAV Checkin;  
11,0232015/01/20 2013784  ET POLICY Windows Mobile 7.0 User-Agent detected;  
11,0222015/01/20 2013783  ET TROJAN W32.Duqu UA and Filename Requested; [1
11,0212015/01/20 2013782  ET DELETED W32.Duqu User-Agent; [1
11,0202015/01/20 2013781  ET TROJAN Win32.Scar.dvov Searchstar.co.kr related Checkin; [1
11,0192015/01/20 2013780  ET TROJAN Suspicious HTTP Request for gift.exe;  
11,0182015/01/20 2013779  ET SCAN Positive Technologies XSpider Security Scanner User-Agent (PTX); [1
11,0172015/01/20 2013778  ET SCAN NMAP SQL Spider Scan; [1
11,0162015/01/20 2013777  ET CURRENT_EVENTS Saturn Exploit Kit probable Java MIDI exploit request;  
11,0152015/01/20 2013776  ET CURRENT_EVENTS Saturn Exploit Kit probable Java exploit request;  
11,0142015/01/20 2013775  ET CURRENT_EVENTS Saturn Exploit Kit binary download request;  
11,0132015/01/20 2013774  ET TROJAN Win32.Cerberus RAT Server ping; [1
11,0122015/01/20 2013773  ET TROJAN Win32.Cerberus RAT Client pong; [1
< 321  322  323  324  325  326  327  328  329  330 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.