시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
21,0612015/05/07 2021060  ET USER_AGENTS MSF Meterpreter Default User Agent; [1
21,0602015/05/07 2021058  ET SCAN Xenu Link Sleuth Scanner Outbound;  
21,0592015/05/07 2500154  ET COMPROMISED Known Compromised or Hostile Host Traffic group 78; [1
21,0582015/05/07 2500156  ET COMPROMISED Known Compromised or Hostile Host Traffic group 79; [1
21,0572015/05/07 2021057  ET TROJAN njRAT Variant Outbound CnC Beacon;  
21,0562015/05/06 2500152  ET COMPROMISED Known Compromised or Hostile Host Traffic group 77; [1
21,0552015/05/06 2021052  ET TROJAN Linux.Mumblehard Command Status CnC; [1
21,0542015/05/06 2021054  ET CURRENT_EVENTS Magnitude EK Flash Payload ShellCode Apr 23 2015;  
21,0532015/05/06 2021055  ET TROJAN Carbon FormGrabber/Retgate.A Checkin; [1
21,0522015/05/06 2021056  ET TROJAN Dyre Downloading Mailer 2; [1
21,0512015/05/06 2021053  ET TROJAN Linux.Mumblehard Spam Command CnC; [1
21,0502015/05/06 2021051  ET TROJAN Linux.Mumblehard Initial Checkin; [1
21,0492015/05/06 2021049  ET TROJAN Linux/DDoS.Sotdas Checkin;  
21,0482015/05/06 2021050  ET TROJAN Linux.Trojan.IptabLex Variant Checkin; [1
21,0472015/05/05 2500150  ET COMPROMISED Known Compromised or Hostile Host Traffic group 76; [1
21,0462015/05/05 2500146  ET COMPROMISED Known Compromised or Hostile Host Traffic group 74; [1
21,0452015/05/05 2500148  ET COMPROMISED Known Compromised or Hostile Host Traffic group 75; [1
21,0442015/05/03 2021046  ET CURRENT_EVENTS Unknown EK Landing Page May 01 2015;  
21,0432015/05/03 2021047  ET CURRENT_EVENTS Unknown EK Secondary Landing Page May 01 2015 M1;  
21,0422015/05/03 2021048  ET CURRENT_EVENTS Unknown EK Secondary Landing Page May 01 2015 M2;  
21,0412015/05/02 2500142  ET COMPROMISED Known Compromised or Hostile Host Traffic group 72; [1
21,0402015/05/02 2500144  ET COMPROMISED Known Compromised or Hostile Host Traffic group 73; [1
21,0392015/05/02 2021041  ET TROJAN Teerac/CryptoFortress .onion Proxy Domain (cld7vqwcvn2bii67); [1
21,0382015/05/02 2021044  ET CURRENT_EVENTS CottonCastle/Niteris EK SWF Exploit April 30 2015;  
21,0372015/05/02 2021045  ET CURRENT_EVENTS CottonCastle/Niteris EK SilverLight Exploit April 30 2015;  
21,0362015/05/02 2021042  ET CURRENT_EVENTS CottonCastle/Niteris EK Exploit Struct April 30 2015;  
21,0352015/05/02 2021043  ET CURRENT_EVENTS CottonCastle/Niteris EK SWF Exploit April 30 2015;  
21,0342015/05/02 2021040  ET CURRENT_EVENTS Possible Nuclear EK Landing URI Struct T1;  
21,0332015/05/01 2021037  ET CURRENT_EVENTS CottonCastle/Niteris EK Payload April 29 2015;  
21,0322015/05/01 2021039  ET CURRENT_EVENTS CottonCastle/Niteris EK Landing April 29 2015;  
21,0312015/05/01 2021038  ET CURRENT_EVENTS CottonCastle/Niteris EK POST Beacon April 29 2015;  
21,0302015/05/01 2021035  ET CURRENT_EVENTS CottonCastle/Niteris EK Java Exploit URI Struct April 29 2015;  
21,0292015/05/01 2021036  ET CURRENT_EVENTS CottonCastle/Niteris EK URI Struct April 29 2015;  
21,0282015/05/01 2021033  ET CURRENT_EVENTS CottonCastle/Niteris EK Landing URI Struct April 29 2015 M1;  
21,0272015/05/01 2021034  ET CURRENT_EVENTS CottonCastle/Niteris EK Landing URI Struct April 29 2015 M2;  
21,0262015/05/01 2021031  ET TROJAN Malicious SSL Cert (KINS C2);  
21,0252015/05/01 2021032  ET TROJAN Malicious SSL Cert (KINS C2);  
21,0242015/05/01 2021030  ET TROJAN BePush/Kilim CnC Beacon; [1
21,0232015/04/30 2021029  ET TROJAN Win32.Excute Checkin 2; [1
21,0222015/04/30 2021026  ET INFO Possible ThousandEyes User-Agent Inbound; [1
21,0212015/04/30 2021028  ET TROJAN Win32.Excute Checkin; [1
21,0202015/04/30 2021027  ET MALWARE W32/Softpulse PUP Install Failed Beacon;  
21,0192015/04/30 2021025  ET INFO Possible ThousandEyes User-Agent Outbound; [1
21,0182015/04/30 2021020  ET TROJAN Team Cymru Sinkhole DNS Reply;  
21,0172015/04/30 2021024  ET SCAN Nmap NSE Heartbleed Response;  
21,0162015/04/30 2021021  ET TROJAN Kaspersky Sinkhole DNS Reply;  
21,0152015/04/30 2021023  ET SCAN Nmap NSE Heartbleed Request;  
21,0142015/04/30 2021019  ET TROJAN MewsSpy/NionSpy .onion Proxy Domain (z3mm6cupmtw5b2xx); [1
21,0132015/04/30 2021022  ET TROJAN Wapack Labs Sinkhole DNS Reply;  
21,0122015/04/29 2021017  ET TROJAN Dalexis Downloading EXE;  
< 121  122  123  124  125  126  127  128  129  130 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.