시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
16,5612015/01/20 2019514  ET CURRENT_EVENTS Angler EK Java Exploit URI Struct;  
16,5602015/01/20 2019513  ET CURRENT_EVENTS Angler EK Flash Exploit URI Struct;  
16,5592015/01/20 2019512  ET POLICY Possible IP Check api.ipify.org;  
16,5582015/01/20 2019511  ET MALWARE Adware.InstallCore.B Checkin;  
16,5572015/01/20 2019510  ET MOBILE_MALWARE Android/Koler.C Checkin;  
16,5562015/01/20 2019509  ET TROJAN JST Perl IrcBot download; [1,2
16,5552015/01/20 2019508  ET TROJAN DNS Reply Sinkhole - IP - 161.69.13.44;  
16,5542015/01/20 2019507  ET CURRENT_EVENTS Possible Upatre SSL Cert www.tradeledstore.co.uk;  
16,5532015/01/20 2019506  ET CURRENT_EVENTS Possible Upatre SSL Cert Oct 24 2014;  
16,5522015/01/20 2019505  ET TROJAN BlackEnergy SSL Cert; [1
16,5512015/01/20 2019504  ET TROJAN BlackEnergy SSL Cert; [1
16,5502015/01/20 2019503  ET CURRENT_EVENTS SSL SinkHole Cert Possible Infected Host;  
16,5492015/01/20 2019502  ET TROJAN Wonton-JH Checkin; [1
16,5482015/01/20 2019501  ET TROJAN Vawtrak/NeverQuest Posting Data;  
16,5472015/01/20 2019500  ET TROJAN Vawtrak/NeverQuest Posting Data;  
16,5462015/01/20 2019499  ET TROJAN Vawtrak/NeverQuest Server Response;  
16,5452015/01/20 2019498  ET TROJAN W32/24x7Help.ScareWare CnC Beacon;  
16,5442015/01/20 2019497  ET CURRENT_EVENTS Nuclear EK Gate Injected iframe Oct 22 2014;  
16,5432015/01/20 2019496  ET CURRENT_EVENTS Possible Dyre SSL Cert Oct 22 2014;  
16,5422015/01/20 2019495  ET CURRENT_EVENTS Possible Dyre SSL Cert Oct 22 2014;  
16,5412015/01/20 2019494  ET CURRENT_EVENTS Possible Dyre SSL Cert Oct 22 2014;  
16,5402015/01/20 2019493  ET CURRENT_EVENTS Possible Dyre SSL Cert Oct 22 2014;  
16,5392015/01/20 2019492  ET EXPLOIT Possible Malicious NAT-PMP Response Successful UDP Map to External Network; [1
16,5382015/01/20 2019491  ET EXPLOIT Possible Malicious NAT-PMP Response Successful TCP Map to External Network; [1
16,5372015/01/20 2019490  ET EXPLOIT Possible Malicious NAT-PMP Response to External Network; [1
16,5362015/01/20 2019489  ET CURRENT_EVENTS Angler EK Landing Oct 22 2014;  
16,5352015/01/20 2019488  ET CURRENT_EVENTS Angler EK Oct 22 2014;  
16,5342015/01/20 2019487  ET CURRENT_EVENTS FlashPack Payload URI Struct Oct 22 2014;  
16,5332015/01/20 2019486  ET TROJAN Possible IRC Bot Common PRIVMSG Commands;  
16,5322015/01/20 2019485  ET CURRENT_EVENTS Win32/Zbot SSL Cert Oct 21 2014;  
16,5312015/01/20 2019484  ET CURRENT_EVENTS Orca RAT URI Struct 4; [1
16,5302015/01/20 2019483  ET CURRENT_EVENTS Orca RAT URI Struct 3; [1
16,5292015/01/20 2019482  ET CURRENT_EVENTS Orca RAT URI Struct 2; [1
16,5282015/01/20 2019481  ET CURRENT_EVENTS Orca RAT URI Struct 1; [1
16,5272015/01/20 2019480  ET CURRENT_EVENTS Job314 EK URI Landing Struct;  
16,5262015/01/20 2019479  ET CURRENT_EVENTS Job314 EK URI Exploit/Payload Struct;  
16,5252015/01/20 2019478  ET TROJAN Dridex POST Checkin;  
16,5242015/01/20 2019477  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dyre CnC); [1
16,5232015/01/20 2019471  ET TROJAN Possible IRCBot.DDOS Common Commands;  
16,5222015/01/20 2019470  ET CURRENT_EVENTS Win32/Zbot SSL Cert Oct 17 2014;  
16,5212015/01/20 2019469  ET TROJAN Deputy Dog checkin; [1
16,5202015/01/20 2019468  ET TROJAN Win32/Spy.KeyLogger.ODN Exfiltrating Data;  
16,5192015/01/20 2019467  ET TROJAN Win32/Spy.KeyLogger.ODN Checkin;  
16,5182015/01/20 2019466  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS CnC); [1
16,5172015/01/20 2019465  ET CURRENT_EVENTS BlackEnergy URI Struct Oct 17 2014 BE5; [1
16,5162015/01/20 2019464  ET CURRENT_EVENTS BlackEnergy URI Struct Oct 17 2014 BE4; [1
16,5152015/01/20 2019463  ET CURRENT_EVENTS BlackEnergy URI Struct Oct 17 2014 BE3; [1
16,5142015/01/20 2019462  ET CURRENT_EVENTS BlackEnergy URI Struct Oct 17 2014 BE2; [1
16,5132015/01/20 2019461  ET CURRENT_EVENTS BlackEnergy URI Struct Oct 17 2014 BE1; [1
16,5122015/01/20 2019460  ET WEB_SERVER MongoDB Negated Parameter Server Side JavaScript Injection Attempt; [1,2
< 211  212  213  214  215  216  217  218  219  220 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.