Signature List
No.  Date  ID  Signature (Total Ruleset: 27,111)
16,411  2015/01/20  2019359  ET CURRENT_EVENTS Nuclear EK Payload URI Struct Oct 5 2014;
16,410  2015/01/20  2019358  ET CURRENT_EVENTS Nuclear EK Payload URI Struct Oct 5 2014 (no alert);
16,409  2015/01/20  2019357  ET TROJAN SpyClicker.ClickFraud Query Instructions CnC Response; [1
16,408  2015/01/20  2019356  ET DELETED W32/SpyClicker.ClickFraud Click CnC Beacon; [1
16,407  2015/01/20  2019355  ET TROJAN W32/SpyClicker.ClickFraud CnC Beacon; [1
16,406  2015/01/20  2019354  ET TROJAN Reply Sinkhole - irc-sinkhole.cert.pl;
16,405  2015/01/20  2019353  ET TROJAN Cryptolocker Checkin;
16,404  2015/01/20  2019352  ET CURRENT_EVENTS Possible Sweet Orange redirection 19 September 2014; [1
16,403  2015/01/20  2019351  ET DELETED Possible Sweet Orange Secondary Landing;
16,402  2015/01/20  2019350  ET DOS Terse HTTP GET Likely GoodBye 5.2 DDoS tool;
16,401  2015/01/20  2019349  ET DOS Terse HTTP GET Likely AnonGhost DDoS tool;
16,400  2015/01/20  2019348  ET DOS Terse HTTP GET Likely AnonMafiaIC DDoS tool;
16,399  2015/01/20  2019347  ET DOS HTTP GET AAAAAAAA Likely FireFlood;
16,398  2015/01/20  2019346  ET DOS Terse HTTP GET Likely LOIC;
16,397  2015/01/20  2019344  ET CURRENT_EVENTS FAKEIE Minimal Headers (flowbit set); [1
16,396  2015/01/20  2019343  ET CURRENT_EVENTS FAKEIE 11.0 Minimal Headers (flowbit set); [1
16,395  2015/01/20  2019342  ET CURRENT_EVENTS Possible Dyre SSL Cert Oct 3 2014;
16,394  2015/01/20  2019341  ET CURRENT_EVENTS Cryptowall 2.0 DL URI Struct Oct 2 2014; [1
16,393  2015/01/20  2019340  ET CURRENT_EVENTS Possible ComputerCop Log Transmitted via SMTP; [1
16,392  2015/01/20  2019339  ET CURRENT_EVENTS DRIVEBY Generic URLENCODED CollectGarbage;
16,391  2015/01/20  2019338  ET CURRENT_EVENTS DRIVEBY Generic CollectGarbage in Hex;
16,390  2015/01/20  2019337  ET CURRENT_EVENTS Possible Upatre SSL Cert mypreschool.sg;
16,389  2015/01/20  2019335  ET EXPLOIT Possible Pure-FTPd CVE-2014-6271 attempt; [1
16,388  2015/01/20  2019334  ET MOBILE_MALWARE iOS/Xsser checking library version; [1
16,387  2015/01/20  2019333  ET MOBILE_MALWARE iOS/Xsser sending files; [1
16,386  2015/01/20  2019332  ET MOBILE_MALWARE iOS/Xsser sending GPS info; [1
16,385  2015/01/20  2019331  ET MOBILE_MALWARE iOS/Xsser Checkin; [1
16,384  2015/01/20  2019330  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (UPATRE CnC); [1
16,383  2015/01/20  2019329  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS C2); [1
16,382  2015/01/20  2019328  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS C2); [1
16,381  2015/01/20  2019327  ET TROJAN Likely Bot Nick in IRC (Country Code ISO 3166-1 alpha-3;
16,380  2015/01/20  2019326  ET TROJAN Likely Bot Nick in IRC (Country Code ISO 3166-1 alpha-2;
16,379  2015/01/20  2019325  ET CURRENT_EVENTS Flashpack Redirect Method 3;
16,378  2015/01/20  2019324  ET CURRENT_EVENTS suspicious embedded zip file in web page;
16,377  2015/01/20  2019323  ET EXPLOIT Possible OpenVPN CVE-2014-6271 attempt; [1
16,376  2015/01/20  2019322  ET EXPLOIT Possible OpenVPN CVE-2014-6271 attempt; [1
16,375  2015/01/20  2019321  ET CURRENT_EVENTS Upatre redirector 29 Sept 2014 - POST;
16,374  2015/01/20  2019320  ET CURRENT_EVENTS Possible Dyre SSL Cert Sept 30 2014;
16,373  2015/01/20  2019319  ET CURRENT_EVENTS Possible Dyre SSL Cert Sept 30 2014;
16,372  2015/01/20  2019318  ET MOBILE_MALWARE Android/Code4hk.A Checkin; [1
16,371  2015/01/20  2019317  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (UPATRE CnC); [1
16,370  2015/01/20  2019316  ET TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL certificate detected (KINS CnC); [1
16,369  2015/01/20  2019315  ET CURRENT_EVENTS DRIVEBY Nuclear EK Landing Sep 29 2014;
16,368  2015/01/20  2019314  ET WEB_SERVER Possible bash shell piped to dev udp Inbound to WebServer;
16,367  2015/01/20  2019313  ET TROJAN Sourtoff Receiving Simda Payload;
16,366  2015/01/20  2019312  ET TROJAN Sourtoff Download Simda Request;
16,365  2015/01/20  2019311  ET CURRENT_EVENTS Upatre redirector GET Sept 29 2014;
16,364  2015/01/20  2019310  ET WEB_SERVER WGET Command Specifying Output in HTTP Headers; [1
16,363  2015/01/20  2019309  ET WEB_SERVER WGET Command Specifying Output in HTTP Headers; [1
16,362  2015/01/20  2019308  ET WEB_SERVER CURL Command Specifying Output in HTTP Headers; [1
GigaVPN & GigaIPS are based on MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.