Signature List
No.  Date  ID  Signature (Total Ruleset: 27,111)
23,511  2016/09/02  2023145  ET CURRENT_EVENTS CVE-2014-6332 Sep 01 2016 (HFS Actor) M1
23,510  2016/09/02  2023144  ET TROJAN AgentTesla PWS HTTP CnC Checkin
23,509  2016/09/02  2023146  ET CURRENT_EVENTS CVE-2014-6332 Sep 01 2016 (HFS Actor) M2
23,508  2016/09/02  2023142  ET TROJAN TorrentLocker DNS Lookup (bigcrashcar.net)
23,507  2016/09/02  2023143  ET WEB_SERVER AnonGhost PHP Webshell
23,506  2016/09/02  2023147  ET TROJAN Locky Ransomware Renaming File via SMB
23,505  2016/08/30  2023140  ET EXPLOIT Possible Challack Tool in use
23,504  2016/08/30  2023141  ET EXPLOIT RST Flood With Window
23,503  2016/08/27  2023137  ET INFO Suspicious POST to .tk domain with Password
23,502  2016/08/27  2023134  ET TROJAN Possible Pegasus/Trident Related HTTP Beacon 4
23,501  2016/08/27  2023132  ET TROJAN Possible Pegasus/Trident Related HTTP Beacon 2
23,500  2016/08/27  2023136  ET TROJAN Possible Pegasus/Trident Related HTTP Beacon 5
23,499  2016/08/27  2023139  ET INFO Form Data Submitted to yolasite.com - Possible Phishing
23,498  2016/08/27  2023138  ET CURRENT_EVENTS Suspicious Proxifier DL (non-browser observed in maldoc campaigns)
23,497  2016/08/27  2023131  ET TROJAN Possible Pegasus/Trident Related HTTP Beacon 1
23,496  2016/08/27  2023133  ET TROJAN Possible Pegasus/Trident Related HTTP Beacon 3
23,495  2016/08/26  2023092  ET CURRENT_EVENTS Possible Google Drive Phishing Domain Aug 25 2016
23,494  2016/08/26  2023093  ET TROJAN Possible Pegasus Related DNS Lookup (aalaan .tv)
23,493  2016/08/26  2023091  ET TROJAN Backdoor.Win32.DarkComet Keepalive Outbound
23,492  2016/08/26  2023090  ET TROJAN PNScan.2 CnC Beacon 2
23,491  2016/08/26  2023085  ET TROJAN R980/CRYPBEE.A Ransomware Activity
23,490  2016/08/26  2023088  ET TROJAN PNScan.2 Inbound Status Check Response
23,489  2016/08/26  2023087  ET TROJAN PNScan.2 Inbound Status Check - set
23,488  2016/08/26  2023089  ET TROJAN PNScan.2 CnC Beacon
23,487  2016/08/26  2023086  ET EXPLOIT CISCO FIREWALL SNMP Buffer Overflow Extrabacon (CVE-2016-6366)
23,486  2016/08/25  2023084  ET TROJAN Ransomware Locky .onion Payment Domain (5n7y4yihirccftc5)
23,485  2016/08/24  2023083  ET TROJAN Alfa/Alpha Ransomware Checkin
23,484  2016/08/21  2023081  ET TROJAN Curso Banker.BR Checkin
23,483  2016/08/21  2023082  ET TROJAN Curso Banker Downloading Modules
23,482  2016/08/20  2023077  ET TROJAN Aveo C2 Response
23,481  2016/08/20  2023078  ET TROJAN Aveo C2 Request
23,480  2016/08/20  2023080  ET CURRENT_EVENTS Fake Mobile Virus Scam M2 Aug 18 2016
23,479  2016/08/20  2023076  ET TROJAN Aveo Checkin
23,478  2016/08/20  2023079  ET CURRENT_EVENTS Fake Mobile Virus Scam M1 Aug 18 2016
23,477  2016/08/18  2023069  ET CURRENT_EVENTS SMS Fake Mobile Virus Scam Aug 16 2016
23,476  2016/08/18  2023072  ET CURRENT_EVENTS Successful Netflix Phish Aug 17 2016
23,475  2016/08/18  2023070  ET EXPLOIT Equation Group ExtraBacon Cisco ASA PMCHECK Disable
23,474  2016/08/18  2023074  ET CURRENT_EVENTS Evil Redirect Leading to EK Aug 17 2016
23,473  2016/08/18  2023067  ET INFO Symantec Download Flowbit Set
23,472  2016/08/18  2023073  ET CURRENT_EVENTS Netflix Phishing Landing Aug 17 2016
23,471  2016/08/17  2023064  ET CURRENT_EVENTS Successful Credit Agricole Phish Aug 15 2016 M2
23,470  2016/08/17  2023065  ET CURRENT_EVENTS Possible Square Enix Phishing Domain Aug 15 2016
23,469  2016/08/17  2023060  ET TROJAN DarkHotel DNS Lookup (apply.ebizx.net)
23,468  2016/08/17  2023066  ET CURRENT_EVENTS Possible Bank of America Phishing Domain Aug 15 2016
23,467  2016/08/17  2023062  ET CURRENT_EVENTS Email Storage Upgrade Phishing Landing Aug 15 2016
23,466  2016/08/17  2023061  ET CURRENT_EVENTS Successful Excel Phish Aug 15 2016
23,465  2016/08/17  2023059  ET TROJAN DarkHotel DNS Lookup (apply-wsu.ebizx.net)
23,464  2016/08/17  2023063  ET CURRENT_EVENTS Successful Credit Agricole Phish Aug 15 2016 M1
23,463  2016/08/14  2023053  ET DOS DNS Amplification Attack Possible Inbound Windows Non-Recursive Root Hint Reserved Port
23,462  2016/08/14  2023054  ET DOS DNS Amplification Attack Possible Outbound Windows Non-Recursive Root Hint Reserved Port
GigaVPN & GigaIPS are based on MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.