Signature List
No.     Date        ID       Signature (Total Ruleset: 27,111)
10,861  2015/01/20  2013539  ET TROJAN BKDR_BTMINE.MNR BitCoin Miner Server Checkin [1]
10,860  2015/01/20  2013538  ET TROJAN BKDR_BTMINE.MNR BitCoin Miner Retrieving New Malware From Server [1]
10,859  2015/01/20  2013537  ET TROJAN BKDR_BTMINE.MNR BitCoin Miner Retrieving New IP Addresses From Server [1]
10,858  2015/01/20  2013536  ET TROJAN BKDR_BTMINE.MNR BitCoin Miner Retrieving Server IP Addresses [1]
10,857  2015/01/20  2013535  ET INFO HTTP Request to a *.tc domain
10,856  2015/01/20  2013534  ET TROJAN VirTool.Win32/VBInject.gen!DM Checkin [1]
10,855  2015/01/20  2013533  ET TROJAN Backdoor.Win32.Fynloski.A Command Response [1,2]
10,854  2015/01/20  2013532  ET TROJAN Backdoor.Win32.Fynloski.A Command Request [1,2]
10,853  2015/01/20  2013531  ET TROJAN MS Terminal Server User A Login, possible Morto Outbound
10,852  2015/01/20  2013530  ET TROJAN Spyeye Data Exfiltration 9
10,851  2015/01/20  2013529  ET TROJAN Spyeye Data Exfiltration 8
10,850  2015/01/20  2013528  ET TROJAN Spyeye Data Exfiltration 7
10,849  2015/01/20  2013527  ET TROJAN Spyeye Data Exfiltration 6
10,848  2015/01/20  2013526  ET TROJAN Spyeye Data Exfiltration 5
10,847  2015/01/20  2013525  ET TROJAN Spyeye Data Exfiltration 4
10,846  2015/01/20  2013524  ET TROJAN Spyeye Data Exfiltration 3
10,845  2015/01/20  2013523  ET TROJAN Spyeye Data Exfiltration 2
10,844  2015/01/20  2013522  ET TROJAN Spyeye Data Exfiltration 1
10,843  2015/01/20  2013521  ET TROJAN Spyeye Data Exfiltration 0
10,842  2015/01/20  2013520  ET DELETED Unknown Loader *.jpg?t=0.* in http_uri
10,841  2015/01/20  2013519  ET TROJAN Driveby Loader Request sn.php
10,840  2015/01/20  2013518  ET TROJAN Driveby Loader Request List.php
10,839  2015/01/20  2013517  ET DELETED Morto Worm Rar Download [1]
10,838  2015/01/20  2013516  ET TROJAN TR/Spy.Gen checkin via dns ANY query [1,2,3]
10,837  2015/01/20  2013515  ET TROJAN Potential DNS Command and Control via TXT queries [1]
10,836  2015/01/20  2013514  ET TROJAN Potential DNS Command and Control via TXT queries [1]
10,835  2015/01/20  2013513  ET TROJAN W32/Bancos Reporting
10,834  2015/01/20  2013512  ET TROJAN Suspicious User-Agent (MadeByLc)
10,833  2015/01/20  2013511  ET TROJAN Win32/CazinoSilver Checkin
10,832  2015/01/20  2013510  ET TROJAN W32/Lalus Trojan Downloader User Agent (Message Center)
10,831  2015/01/20  2013509  ET TROJAN W32/Lalus Trojan Downloader Checkin
10,830  2015/01/20  2013508  ET TROJAN Downloader User-Agent HTTPGET
10,829  2015/01/20  2013507  ET TROJAN Win32/Dynamer Trojan Dropper User-Agent VB Http [1]
10,828  2015/01/20  2013506  ET TROJAN W32/Badlib Connectivity Check To Department of Defense Intelligence Information Systems [1,2]
10,827  2015/01/20  2013505  ET POLICY GNU/Linux YUM User-Agent Outbound likely related to package management [1]
10,826  2015/01/20  2013504  ET POLICY GNU/Linux APT User-Agent Outbound likely related to package management [1]
10,825  2015/01/20  2013503  ET POLICY OS X Software Update Request Outbound [1]
10,824  2015/01/20  2013502  ET TROJAN Win32/Wizpop Checkin [1]
10,823  2015/01/20  2013501  ET DELETED Known Fraudulent DigiNotar SSL Certificate for google.com 2 [1]
10,822  2015/01/20  2013500  ET CURRENT_EVENTS Known Fraudulent DigiNotar SSL Certificate for google.com [1]
10,821  2015/01/20  2013499  ET POLICY IncrediMail Install Callback [1]
10,820  2015/01/20  2013498  ET POLICY Netflix Streaming Player Access [1]
10,819  2015/01/20  2013497  ET TROJAN MS Terminal Server User A Login, possible Morto inbound
10,818  2015/01/20  2013496  ET TROJAN DNS query for Morto RDP worm related domain jifr.co.be [1]
10,817  2015/01/20  2013495  ET TROJAN DNS query for Morto RDP worm related domain jifr.info [1]
10,816  2015/01/20  2013494  ET TROJAN DNS query for Morto RDP worm related domain qfsl.co.cc [1]
10,815  2015/01/20  2013493  ET TROJAN DNS query for Morto RDP worm related domain qfsl.co.be [1]
10,814  2015/01/20  2013492  ET SCAN McAfee/Foundstone Scanner Web Scan [1]
10,813  2015/01/20  2013491  ET POLICY NetBIOS nbtstat Type Query Inbound
10,812  2015/01/20  2013490  ET POLICY NetBIOS nbtstat Type Query Outbound
GigaVPN & GigaIPS are based on MikroTik, Suricata and EmergingThreats.