시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
10,4112015/01/20 2013079  ET MOBILE_MALWARE Android.YzhcSms URL for Possible File Download; [1
10,4102015/01/20 2013078  ET MOBILE_MALWARE Android.YzhcSms CnC Keepalive Message; [1
10,4092015/01/20 2013077  ET CURRENT_EVENTS Blackhole Exploit Pack HCP overflow Media Player lt 10;  
10,4082015/01/20 2013076  ET TROJAN Zeus Bot GET to Google checking Internet connectivity; [1,2
10,4072015/01/20 2013075  ET TROJAN Large DNS Query possible covert channel;  
10,4062015/01/20 2013074  ET SCADA DATAC RealWin SCADA Server 2 On_FC_CONNECT_FCS_a_FILE Buffer Overflow Vulnerability; [1
10,4052015/01/20 2013073  ET TROJAN Win32.Meredrop Checkin; [1
10,4042015/01/20 2013072  ET MOBILE_MALWARE Android.HongTouTou Checkin; [1
10,4032015/01/20 2013071  ET TROJAN Dropper.MSIL.Agent.ate Checkin; [1
10,4022015/01/20 2013070  ET WEB_CLIENT Adobe Shockwave Director tSAC Chunk memory corruption Attempt; [1
10,4012015/01/20 2013069  ET WEB_CLIENT Adobe Shockwave rcsL Chunk Remote Code Execution Attempt; [1
10,4002015/01/20 2013068  ET WEB_SERVER Possible GRANT TO SQL Injection Attempt; [1
10,3992015/01/20 2013067  ET DELETED Win32/Fynloski Backdoor Keepalive Message; [1
10,3982015/01/20 2013066  ET CURRENT_EVENTS Java Exploit Attempt applet via file URI setAttribute; [1
10,3972015/01/20 2013065  ET CURRENT_EVENTS Possible CVE-2011-2110 Flash Exploit Attempt; [1
10,3962015/01/20 2013064  ET TROJAN Possible Tracur.Q HTTP Communication; [1
10,3952015/01/20 2013063  ET MOBILE_MALWARE DroidKungFu Checkin 3; [1,2,3,4
10,3942015/01/20 2013062  ET TROJAN MacShield FakeAV CnC Communication; [1
10,3932015/01/20 2013061  ET CURRENT_EVENTS Sidename.js Injected Script Served by Local WebServer; [1
10,3922015/01/20 2013060  ET DELETED Client Visiting Sidename.js Injected Website - Malware Related; [1
10,3912015/01/20 2013059  ET POLICY BitCoin;  
10,3902015/01/20 2013058  ET WEB_SERVER Outbound PHP User-Agent; [1
10,3892015/01/20 2013057  ET WEB_SERVER Inbound PHP User-Agent; [1
10,3882015/01/20 2013056  ET POLICY Peach C Library User Agent Outbound; [1,2
10,3872015/01/20 2013055  ET POLICY Peach C Library User Agent Inbound; [1,2
10,3862015/01/20 2013054  ET USER_AGENTS PyCurl Suspicious User Agent Outbound; [1
10,3852015/01/20 2013053  ET WEB_SERVER PyCurl Suspicious User Agent Inbound; [1
10,3842015/01/20 2013052  ET USER_AGENTS pxyscand/ Suspicious User Agent Outbound; [1
10,3832015/01/20 2013051  ET WEB_SERVER pxyscand Suspicious User Agent Inbound; [1
10,3822015/01/20 2013050  ET USER_AGENTS Binget PHP Library User Agent Outbound; [1,2
10,3812015/01/20 2013049  ET WEB_SERVER Binget PHP Library User Agent Inbound; [1,2
10,3802015/01/20 2013048  ET CURRENT_EVENTS Fake Shipping Invoice Request to JPG.exe Executable;  
10,3792015/01/20 2013047  ET TROJAN DonBot Checkin; [1
10,3782015/01/20 2013046  ET TROJAN DLoader PWS Module Data Upload Activity; [1,2,3,4,5
10,3772015/01/20 2013045  ET TROJAN DLoader File Download Request Activity; [1,2,3,4,5
10,3762015/01/20 2013044  ET MOBILE_MALWARE Android.Plankton/Tonclank Control Server Responding With JAR Download URL; [1,2
10,3752015/01/20 2013043  ET POLICY Android.Plankton/Tonclank Successful Installation Device Information POST Message Body; [1,2
10,3742015/01/20 2013042  ET POLICY Android.Plankton/Tonclank Successful Installation Device Information POST; [1,2
10,3732015/01/20 2013041  ET MOBILE_MALWARE DNS Query For Known Mobile Malware Control Server Searchwebmobile.com; [1
10,3722015/01/20 2013040  ET MOBILE_MALWARE Android.Tonclank JAR File Download; [1
10,3712015/01/20 2013039  ET DELETED Android.Tonclank Sending Device Information; [1
10,3702015/01/20 2013038  ET MOBILE_MALWARE DNS Query For Known Mobile Malware Control Server Waplove.cn; [1
10,3692015/01/20 2013037  ET POLICY Java EXE Download;  
10,3682015/01/20 2013036  ET TROJAN Java EXE Download by Vulnerable Version - Likely Driveby;  
10,3672015/01/20 2013035  ET POLICY Java Client HTTP Request;  
10,3662015/01/20 2013034  ET TROJAN WebToolbar.Win32.WhenU.r Reporting; [1
10,3652015/01/20 2013033  ET USER_AGENTS EmailSiphon Suspicious User-Agent Outbound; [1
10,3642015/01/20 2013032  ET USER_AGENTS EmailSiphon Suspicious User-Agent Inbound; [1
10,3632015/01/20 2013031  ET POLICY Python-urllib/ Suspicious User Agent; [1
10,3622015/01/20 2013030  ET POLICY libwww-perl User-Agent; [1
< 331  332  333  334  335  336  337  338  339  340 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.