Signature List
No.  Date  ID  Signature (Total Ruleset: 27,111)
23,611  2016/09/24  2023260  ET TROJAN Libyan Scorpions Netwire RAT DNS Lookup (wininit .myq-see.com); [1
23,610  2016/09/24  2023261  ET TROJAN ABUSE.CH Ransomware Domain Detected (Locky C2); [1
23,609  2016/09/24  2023262  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM); [1
23,608  2016/09/24  2023258  ET TROJAN Libyan Scorpions Adwind DNS Lookup (sara2011 .no-ip.biz); [1
23,607  2016/09/24  2023259  ET TROJAN Libyan Scorpions Netwire RAT DNS Lookup (samsung .ddns.me); [1
23,606  2016/09/24  2023256  ET TROJAN Libyan Scorpions Adwind DNS Lookup (winmeif .myq-see.com); [1
23,605  2016/09/24  2023255  ET SMTP Incoming SMTP Message with Possibly Malicious MIME Epilogue 2016-05-13 (BadEpilogue); [1
23,604  2016/09/24  2023257  ET TROJAN Libyan Scorpions Adwind DNS Lookup (collge .myq-see.com); [1
23,603  2016/09/24  2023254  ET TROJAN MSIL/Spy.Agent.HF Checkin; [1,2
23,602  2016/09/22  2023253  ET EXPLOIT CVE-2015-2419 As observed in Magnitude EK;
23,601  2016/09/21  2023251  ET CURRENT_EVENTS Evil Redirector Leading to EK Sep 19 2016 (EItest Inject) M2;
23,600  2016/09/21  2023252  ET CURRENT_EVENTS Evil Redirector Leading to EK Sep 20 2016;
23,599  2016/09/21  2023250  ET CURRENT_EVENTS Evil Redirector Leading to EK Sep 19 2016 (EItest Inject);
23,598  2016/09/21  2023247  ET TROJAN Ransomware Locky .onion Payment Domain (f5xraa2y2ybtrefz);
23,597  2016/09/21  2023249  ET CURRENT_EVENTS Possible EITest Flash Redirect Sep 19 2016;
23,596  2016/09/21  2023248  ET CURRENT_EVENTS Evil Redirector Leading to EK Sep 19 2016;
23,595  2016/09/17  2023246  ET TROJAN Windows sc query Microsoft Windows DOS prompt command exit OUTBOUND;
23,594  2016/09/16  2023243  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM); [1
23,593  2016/09/16  2023241  ET TROJAN LuminosityLink - Inbound Data Channel CnC Delimiter;
23,592  2016/09/16  2023245  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM); [1
23,591  2016/09/16  2023244  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM); [1
23,590  2016/09/16  2023242  ET TROJAN LuminosityLink - Outbound Data Channel CnC Delimiter;
23,589  2016/09/16  2023224  ET TROJAN Windows WMIC SHARE get Microsoft Windows DOS prompt command exit OUTBOUND;
23,588  2016/09/16  2023226  ET TROJAN Windows WMIC STARTUP get Microsoft Windows DOS prompt command exit OUTBOUND;
23,587  2016/09/16  2023236  ET CURRENT_EVENTS Microsoft Tech Support Scam M2 Sept 15 2016;
23,586  2016/09/16  2023240  ET MOBILE_MALWARE iOS DualToy Checkin; [1
23,585  2016/09/16  2023231  ET WEB_SERVER HTTP Request to a *.33db9538.com domain - Anuna Checkin - Compromised PHP Site; [1,2
23,584  2016/09/16  2023228  ET WEB_SERVER DNS Query for Suspicious 9507c4e8.com Domain - Anuna Checkin - Compromised PHP Site; [1,2
23,583  2016/09/16  2023238  ET CURRENT_EVENTS PC Support Tech Support Scam Sept 15 2016;
23,582  2016/09/16  2023239  ET CURRENT_EVENTS Microsoft Tech Support Scam M3 Sept 15 2016;
23,581  2016/09/16  2023229  ET WEB_SERVER DNS Query for Suspicious e5b57288.com Domain - Anuna Checkin - Compromised PHP Site; [1,2
23,580  2016/09/16  2023233  ET WEB_SERVER HTTP Request to a *.e5b57288.com domain - Anuna Checkin - Compromised PHP Site; [1,2
23,579  2016/09/16  2023235  ET CURRENT_EVENTS Microsoft Tech Support Scam M1 Sept 15 2016;
23,578  2016/09/16  2023237  ET CURRENT_EVENTS Possible Fake AV Phone Scam Long Domain Sept 15 2016;
23,577  2016/09/16  2023234  ET WEB_SERVER HTTP Request to a *.54dfa1cb.com domain - Anuna Checkin - Compromised PHP Site; [1,2
23,576  2016/09/16  2023227  ET WEB_SERVER DNS Query for Suspicious 33db9538.com Domain - Anuna Checkin - Compromised PHP Site; [1,2
23,575  2016/09/16  2023230  ET WEB_SERVER DNS Query for Suspicious 54dfa1cb.com Domain - Anuna Checkin - Compromised PHP Site; [1,2
23,574  2016/09/16  2023232  ET WEB_SERVER HTTP Request to a *.9507c4e8.com domain - Anuna Checkin - Compromised PHP Site; [1,2
23,573  2016/09/16  2023225  ET TROJAN Windows WMIC SYSACCOUNT get Microsoft Windows DOS prompt command exit OUTBOUND;
23,572  2016/09/16  2023221  ET TROJAN Windows WMIC PROCESS get Microsoft Windows DOS prompt command exit OUTBOUND;
23,571  2016/09/16  2023219  ET TROJAN Windows WMIC NETLOGIN get Microsoft Windows DOS prompt command exit OUTBOUND;
23,570  2016/09/16  2023217  ET TROJAN Windows WMIC OS get Microsoft Windows DOS prompt command exit OUTBOUND;
23,569  2016/09/16  2023218  ET TROJAN Windows WMIC COMPUTERSYSTEM get Microsoft Windows DOS prompt command exit OUTBOUND;
23,568  2016/09/16  2023223  ET TROJAN Windows WMIC SERVICE get Microsoft Windows DOS prompt command exit OUTBOUND;
23,567  2016/09/16  2023222  ET TROJAN Windows WMIC SERVER get Microsoft Windows DOS prompt command exit OUTBOUND;
23,566  2016/09/16  2023220  ET TROJAN Windows WMIC NIC get Microsoft Windows DOS prompt command exit OUTBOUND;
23,565  2016/09/16  2023216  ET TROJAN Windows netsh advfirewall show allprofiles Microsoft Windows DOS prompt command exit OUTBOUND;
23,564  2016/09/16  2023214  ET TROJAN Windows quser Microsoft Windows DOS prompt command exit OUTBOUND;
23,563  2016/09/16  2023215  ET TROJAN Windows gpresult Microsoft Windows DOS prompt command exit OUTBOUND;
23,562  2016/09/16  2023213  ET TROJAN Windows qwinsta Microsoft Windows DOS prompt command exit OUTBOUND;
GigaVPN & GigaIPS are based on MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.