시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
10,5112015/01/20 2013181  ET TROJAN Ponmocup Redirection from infected Website to Trojan-Downloader; [1
10,5102015/01/20 2013180  ET DELETED Ponmocup C2 Malware Update after fake JPEG download; [1
10,5092015/01/20 2013179  ET DELETED Ponmocup C2 Malware Update before fake JPEG download; [1
10,5082015/01/20 2013178  ET TROJAN Long Fake wget 3.0 User-Agent Detected;  
10,5072015/01/20 2013176  ET TROJAN EgyPack Exploit Kit Post-Infection Request; [1,2,3
10,5062015/01/20 2013175  ET CURRENT_EVENTS Likely EgyPack Exploit kit landing page (EGYPACK_CRYPT); [1,2,3
10,5052015/01/20 2013174  ET USER_AGENTS Atomic_Email_Hunter User-Agent Outbound; [1
10,5042015/01/20 2013173  ET USER_AGENTS Atomic_Email_Hunter User-Agent Inbound; [1
10,5032015/01/20 2013172  ET DNS DNS Query for a Suspicious *.cu.cc domain;  
10,5022015/01/20 2013171  ET SCAN DominoHunter Security Scan in Progress; [1
10,5012015/01/20 2013170  ET POLICY HTTP Request to a *.cu.cc domain;  
10,5002015/01/20 2013169  ET TROJAN Gozi Communication 2;  
10,4992015/01/20 2013168  ET TROJAN Generic Bot Checkin; [1
10,4982015/01/20 2013167  ET EXPLOIT FreeBSD OpenSSH 3.5p1 possible vulnerable server; [1,2
10,4972015/01/20 2013166  ET EXPLOIT 2Wire Password Reset Vulnerability via POST; [1,2
10,4962015/01/20 2013165  ET EXPLOIT 2Wire Password Reset Vulnerability via GET; [1,2
10,4952015/01/20 2013164  ET WEB_SPECIFIC_APPS Webcat web_id Parameter Blind SQL Injection Vulnerability; [1
10,4942015/01/20 2013163  ET ACTIVEX LEADTOOLS Imaging LEADSmtp ActiveX SaveMessage Method Vulnerability;  
10,4932015/01/20 2013162  ET ACTIVEX Ubisoft CoGSManager ActiveX RunCore method Buffer Overflow Vulnerability; [1
10,4922015/01/20 2013161  ET ACTIVEX Ubisoft CoGSManager ActiveX Initialize method Buffer Overflow Vulnerability; [1
10,4912015/01/20 2013160  ET ACTIVEX CygniCon CyViewer ActiveX Control SaveData Insecure Method Vulnerability;  
10,4902015/01/20 2013159  ET WEB_SPECIFIC_APPS Wordpress plugin Flash Album Gallery pid Parameter UPDATE SET SQL Injection Attempt; [1
10,4892015/01/20 2013158  ET WEB_SPECIFIC_APPS Wordpress plugin Flash Album Gallery pid Parameter INSERT INTO SQL Injection Attempt; [1
10,4882015/01/20 2013157  ET WEB_SPECIFIC_APPS Wordpress plugin Flash Album Gallery pid Parameter UNION SELECT SQL Injection Attempt; [1
10,4872015/01/20 2013156  ET WEB_SPECIFIC_APPS Wordpress plugin Flash Album Gallery pid Parameter DELETE FROM SQL Injection Attempt; [1
10,4862015/01/20 2013155  ET WEB_SPECIFIC_APPS Wordpress plugin Flash Album Gallery pid Parameter SELECT FROM SQL Injection Attempt; [1
10,4852015/01/20 2013154  ET TROJAN Backdoor.Win32.Gbod.dv Checkin;  
10,4842015/01/20 2013153  ET WEB_CLIENT Adobe Acrobat Reader FlateDecode Stream Predictor Exploit Attempt; [1
10,4832015/01/20 2013152  ET WEB_CLIENT Adobe Acrobat Util.printf Buffer Overflow Attempt; [1
10,4822015/01/20 2013150  ET WEB_SPECIFIC_APPS ZyXEL ZyWALL LoginPassword/HiddenPassword Cross Site Scripting Attempt;  
10,4812015/01/20 2013149  ET MALWARE RogueAntiSpyware.AntiVirusPro Checkin; [1
10,4802015/01/20 2013148  ET SHELLCODE JavaScript Redefinition of a HeapLib Object - Likely Malicious Heap Spray Attempt;  
10,4792015/01/20 2013147  ET SHELLCODE Possible ?? UTF-16 Heap Spray Attempt;  
10,4782015/01/20 2013146  ET SHELLCODE Possible %u41%u41%u41%u41 UTF-8 Heap Spray Attempt;  
10,4772015/01/20 2013145  ET SHELLCODE Possible AAAA Heap Spray Attempt;  
10,4762015/01/20 2013144  ET WEB_CLIENT Mozilla Firefox nsTreeSelection Element invalidateSelection Remote Code Execution Attempt;  
10,4752015/01/20 2013143  ET MOBILE_MALWARE SymbOS/Yxes KernelPara.jsp CnC Checkin Message; [1
10,4742015/01/20 2013142  ET MOBILE_MALWARE SymbOS/Yxes Jump.jsp CnC Checkin Message; [1
10,4732015/01/20 2013141  ET MOBILE_MALWARE SymbOS/Yxes Plugucsrv.sisx File Download; [1
10,4722015/01/20 2013140  ET MOBILE_MALWARE SymbOS/Yxes CnC Checkin Message; [1
10,4712015/01/20 2013139  ET MOBILE_MALWARE XML Style POST Of IMSI International Mobile Subscriber Identity; [1
10,4702015/01/20 2013138  ET MOBILE_MALWARE XML Style POST Of IMEI International Mobile Equipment Identity; [1
10,4692015/01/20 2013137  ET CURRENT_EVENTS Possible CVE-2011-2110 Flash Exploit Attempt Embedded in Web Page; [1
10,4682015/01/20 2013136  ET TROJAN FakeAV FakeAlertRena.n Checkin Response from Server;  
10,4672015/01/20 2013135  ET TROJAN FakeAV FakeAlert.Rena.n Checkin Flowbit set;  
10,4662015/01/20 2013134  ET WEB_SPECIFIC_APPS vBulletin vBTube uname Parameter Cross Site Scripting Attempt; [1
10,4652015/01/20 2013133  ET WEB_SPECIFIC_APPS vBulletin vBTube vidid Parameter Cross Site Scripting Attempt; [1
10,4642015/01/20 2013132  ET ACTIVEX Black Ice Fax Voice SDK GetFirstItem Method Remote Code Execution Exploit; [1
10,4632015/01/20 2013131  ET ACTIVEX Black Ice Fax Voice SDK GetItemQueue Method Remote Code Execution Exploit; [1
10,4622015/01/20 2013130  ET ACTIVEX Black Ice Cover Page SDK DownloadImageFileURL Method Exploit; [1
< 331  332  333  334  335  336  337  338  339  340 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.