|
|
|
번호 | 날짜 | ID | 시그니처 (Total Ruleset: 27,111개) | 9,611 | 2015/01/20 | 2012261 | ET WEB_CLIENT Hex Obfuscation of parseInt %u UTF-8 Encoding; [1,2,3] | 9,610 | 2015/01/20 | 2012260 | ET WEB_CLIENT Hex Obfuscation of parseInt % Encoding; [1,2,3] | 9,609 | 2015/01/20 | 2012259 | ET SHELLCODE Common %u0c%u0c%u0c%u0c UTF-8 Heap Spray String; [1] | 9,608 | 2015/01/20 | 2012258 | ET SHELLCODE Common ?? UTF-16 Heap Spray String; [1] | 9,607 | 2015/01/20 | 2012257 | ET SHELLCODE Common Heap Spray String; [1] | 9,606 | 2015/01/20 | 2012256 | ET SHELLCODE Common 0c0c0c0c Heap Spray String; [1] | 9,605 | 2015/01/20 | 2012255 | ET SHELLCODE Common %u0a%u0a%u0a%u0a UTF-8 Heap Spray String; [1] | 9,604 | 2015/01/20 | 2012254 | ET SHELLCODE Common ?? UTF-16 Heap Spray String; [1] | 9,603 | 2015/01/20 | 2012253 | ET SHELLCODE Common
Heap Spray String; [1] | 9,602 | 2015/01/20 | 2012252 | ET SHELLCODE Common 0a0a0a0a Heap Spray String; [1] | 9,601 | 2015/01/20 | 2012251 | ET MOBILE_MALWARE Google Android Device HTTP Request; | 9,600 | 2015/01/20 | 2012250 | ET DELETED Unknown Web Backdoor Keep-Alive; | 9,599 | 2015/01/20 | 2012249 | ET USER_AGENTS Suspicious Win32 User Agent; | 9,598 | 2015/01/20 | 2012248 | ET TROJAN MUROFET/Licat Trojan Checkin Forum; [1,2] | 9,597 | 2015/01/20 | 2012247 | ET P2P BTWebClient UA uTorrent in use; | 9,596 | 2015/01/20 | 2012246 | ET USER_AGENTS W32/Goolbot.E Checkin UA Detected iamx; | 9,595 | 2015/01/20 | 2012245 | ET WEB_CLIENT Hex Obfuscation of document.write # Encoding; [1,2] | 9,594 | 2015/01/20 | 2012244 | ET WEB_CLIENT Possible # Encoded Iframe Tag; [1,2,3] | 9,593 | 2015/01/20 | 2012243 | ET WEB_CLIENT Possible %u UTF-16 Encoded Iframe Tag; [1,2,3] | 9,592 | 2015/01/20 | 2012242 | ET WEB_CLIENT Possible %u UTF-8 Encoded Iframe Tag; [1,2,3] | 9,591 | 2015/01/20 | 2012241 | ET WEB_CLIENT Possible % Encoded Iframe Tag; [1,2,3] | 9,590 | 2015/01/20 | 2012240 | ET TROJAN x0Proto Download Cmd; | 9,589 | 2015/01/20 | 2012239 | ET TROJAN x0Proto Ping; | 9,588 | 2015/01/20 | 2012238 | ET TROJAN x0Proto Pong; | 9,587 | 2015/01/20 | 2012237 | ET TROJAN x0Proto Client Info; | 9,586 | 2015/01/20 | 2012236 | ET TROJAN x0Proto Init; | 9,585 | 2015/01/20 | 2012235 | ET DELETED UPS Spam Inbound Variant 4; | 9,584 | 2015/01/20 | 2012234 | ET ACTIVEX Oracle Document Capture File Overwrite or Buffer Overflow Attempt; | 9,583 | 2015/01/20 | 2012233 | ET ACTIVEX Oracle Document Capture File Overwrite Attempt; | 9,582 | 2015/01/20 | 2012232 | ET ACTIVEX Oracle Document Capture File Deletion Attempt; | 9,581 | 2015/01/20 | 2012231 | ET ACTIVEX Oracle Document Capture Insecure Read Method File Access Attempt; | 9,580 | 2015/01/20 | 2012230 | ET WEB_SERVER Likely Malicious Request for /proc/self/environ; | 9,579 | 2015/01/20 | 2012229 | ET MALWARE Suspicious Chinese Content-Language zh-cn Which May be Malware Related; | 9,578 | 2015/01/20 | 2012228 | ET MALWARE Suspicious Russian Content-Language Ru Which May Be Malware Related; | 9,577 | 2015/01/20 | 2012227 | ET TROJAN FAKEAV Gemini softupdate*.exe download; | 9,576 | 2015/01/20 | 2012226 | ET TROJAN Win32/Banbra Banking Trojan Communication; [1] | 9,575 | 2015/01/20 | 2012225 | ET TROJAN Spy Banker Outbound Communication Attempt; [1] | 9,574 | 2015/01/20 | 2012224 | ET TROJAN Winsoft.E Checkin 3; [1,2] | 9,573 | 2015/01/20 | 2012223 | ET TROJAN Winsoft.E Checkin 2; [1,2] | 9,572 | 2015/01/20 | 2012222 | ET TROJAN Winsoft.E Checkin 1; [1,2] | 9,571 | 2015/01/20 | 2012221 | ET USER_AGENTS Malware Related msndown; [1] | 9,570 | 2015/01/20 | 2012220 | ET WEB_SPECIFIC_APPS B-Cumulus tagcloud-ru.swf Cross Site Scripting Attempt; [1] | 9,569 | 2015/01/20 | 2012219 | ET WEB_SPECIFIC_APPS BetMore Site Suite mainx_a.php bid Paramter Blind SQL Injection Attempt; [1] | 9,568 | 2015/01/20 | 2012218 | ET ACTIVEX Possible UserManager SelectServer method Buffer Overflow Attempt; [1] | 9,567 | 2015/01/20 | 2012217 | ET WEB_SPECIFIC_APPS LetoDMS lang Parameter Local File Inclusion Attempt; | 9,566 | 2015/01/20 | 2012216 | ET WEB_SPECIFIC_APPS B-Cumulus tagcloud.swf Cross Site Scripting Attempt; [1] | 9,565 | 2015/01/20 | 2012215 | ET WEB_SPECIFIC_APPS Tunngavik CMS id Parameter UPDATE SET SQL Injection Attempt; [1] | 9,564 | 2015/01/20 | 2012214 | ET WEB_SPECIFIC_APPS Tunngavik CMS id Parameter INSERT INTO SQL Injection Attempt; [1] | 9,563 | 2015/01/20 | 2012213 | ET WEB_SPECIFIC_APPS Tunngavik CMS id Parameter UNION SELECT SQL Injection Attempt; [1] | 9,562 | 2015/01/20 | 2012212 | ET WEB_SPECIFIC_APPS Tunngavik CMS id Parameter DELETE FROM SQL Injection Attempt; [1] | < 351 352 353 354 355 356 357 358 359 360 > |
|
Copyright ⓒ 2010 . All Rights Reserved.
|
|