Signature List
Total Ruleset: 27,111

| No. | Date | ID | Signature |
|---|---|---|---|
| 20,411 | 2015/02/13 | 2020408 | ET CURRENT_EVENTS Evil Redirector Leading to EK Feb 11 2015 Banner |
| 20,410 | 2015/02/13 | 2020400 | ET POLICY DNS Query to .onion proxy Domain (tostotor.com) |
| 20,409 | 2015/02/13 | 2020407 | ET CURRENT_EVENTS KaiXin Landing Page M2 |
| 20,408 | 2015/02/13 | 2020406 | ET POLICY DNS Query to .onion proxy Domain (dogotor.com) |
| 20,407 | 2015/02/13 | 2020397 | ET CURRENT_EVENTS Possible Android CVE-2014-6041 |
| 20,406 | 2015/02/13 | 2020398 | ET CURRENT_EVENTS Possible Android CVE-2014-6041 |
| 20,405 | 2015/02/13 | 2020404 | ET POLICY DNS Query to .onion proxy Domain (onion.am) |
| 20,404 | 2015/02/13 | 2020401 | ET POLICY DNS Query to .onion proxy Domain (trusteetor.com) |
| 20,403 | 2015/02/13 | 2020396 | ET TROJAN Win32/Rovnix.J Checkin 2 |
| 20,402 | 2015/02/13 | 2020399 | ET CURRENT_EVENTS Angler EK Payload DL M2 Feb 06 2015 |
| 20,401 | 2015/02/13 | 2020393 | ET WEB_CLIENT Possible Android RCE via XSS and Play Store XFO |
| 20,400 | 2015/02/13 | 2020402 | ET POLICY DNS Query to .onion proxy Domain (solutionstopaytor33.com) |
| 20,399 | 2015/02/13 | 2020395 | ET POLICY DNS Query to .onion proxy Domain (monsterbbc.com) |
| 20,398 | 2015/02/13 | 2020391 | ET POLICY DNS Query to .onion proxy Domain (bananator.com) |
| 20,397 | 2015/02/13 | 2020392 | ET CURRENT_EVENTS KaiXin Secondary Landing Page |
| 20,396 | 2015/02/13 | 2020390 | ET POLICY DNS Query to .onion proxy Domain (optionstorpay22.com) |
| 20,395 | 2015/02/13 | 2020389 | ET TROJAN Linux/Xnote Keep-Alive |
| 20,394 | 2015/02/11 | 2020387 | ET CURRENT_EVENTS Angler EK XTEA encrypted binary (11) |
| 20,393 | 2015/02/11 | 2020388 | ET CURRENT_EVENTS Job314/Neutrino Reboot EK Payload Nov 20 2014 |
| 20,392 | 2015/02/11 | 2020386 | ET POLICY SUSPICIOUS *.rar.exe in HTTP URL |
| 20,391 | 2015/02/08 | 2020385 | ET CURRENT_EVENTS Angler EK Payload DL M1 Feb 06 2015 |
| 20,390 | 2015/02/07 | 2020384 | ET TROJAN Skeleton Key Filename in SMB2 Traffic |
| 20,389 | 2015/02/07 | 2020376 | ET POLICY DNS Query to .onion proxy Domain (torinvestment2.com) |
| 20,388 | 2015/02/07 | 2020383 | ET TROJAN Skeleton Key Filename in SMB2 Traffic |
| 20,387 | 2015/02/07 | 2020382 | ET TROJAN Skeleton Key Filename in SMB2 Traffic |
| 20,386 | 2015/02/07 | 2020381 | ET TROJAN DDoS.XOR Checkin |
| 20,385 | 2015/02/07 | 2020372 | ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dyre CnC) |
| 20,384 | 2015/02/07 | 2020380 | ET TROJAN Possible Deep Panda User-Agent |
| 20,383 | 2015/02/07 | 2020374 | ET POLICY DNS Query to .onion proxy Domain (torpaysolutions.com) |
| 20,382 | 2015/02/07 | 2020379 | ET TROJAN Possible HTTP GET Deep Panda C2 Activity |
| 20,381 | 2015/02/07 | 2020378 | ET TROJAN Possible HTTP POST Deep Panda C2 Activity |
| 20,380 | 2015/02/07 | 2020377 | ET POLICY DNS Query to .onion proxy Domain (torwillsmith.com) |
| 20,379 | 2015/02/07 | 2020368 | ET WEB_SPECIFIC_APPS FancyBox Remote Code Inclusion POST Request |
| 20,378 | 2015/02/07 | 2020373 | ET TROJAN Possible DEEP PANDA C2 Activity |
| 20,377 | 2015/02/07 | 2020375 | ET POLICY DNS Query to .onion proxy Domain (torpayoptions.com) |
| 20,376 | 2015/02/07 | 2020369 | ET TROJAN Common Upatre URI/Headers Struct |
| 20,375 | 2015/02/07 | 2020370 | ET TROJAN Upatre External IP Check |
| 20,374 | 2015/02/07 | 2020371 | ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 45 |
| 20,373 | 2015/02/07 | 2020365 | ET CURRENT_EVENTS DRIVEBY Angler EK Landing Primer Feb 04 2014 (noalert) |
| 20,372 | 2015/02/07 | 2020366 | ET CURRENT_EVENTS DRIVEBY Angler EK Landing Primer Feb 04 2014 (noalert) |
| 20,371 | 2015/02/07 | 2020367 | ET CURRENT_EVENTS DRIVEBY Angler EK Landing Feb 04 2014 T1 |
| 20,370 | 2015/02/06 | 2020360 | ET TROJAN Critroni Variant .onion Proxy Domain |
| 20,369 | 2015/02/06 | 2020361 | ET TROJAN Critroni Variant .onion Proxy Domain |
| 20,368 | 2015/02/06 | 2020364 | ET MOBILE_MALWARE IOS_XAGENT UA |
| 20,367 | 2015/02/06 | 2020359 | ET TROJAN Critroni Variant .onion Proxy Domain |
| 20,366 | 2015/02/06 | 2020363 | ET MOBILE_MALWARE Operation Pawn Storm IOS_XAGENT Checkin |
| 20,365 | 2015/02/06 | 2020358 | ET TROJAN Critroni Variant .onion Proxy Domain |
| 20,364 | 2015/02/06 | 2020357 | ET TROJAN Critroni Variant .onion Proxy Domain |
| 20,363 | 2015/02/05 | 2020355 | ET CURRENT_EVENTS Angler EK Feb 04 2015 |
| 20,362 | 2015/02/05 | 2020356 | ET CURRENT_EVENTS Angler EK Feb 04 2015 M2 |
GigaVPN & GigaIPS are based on MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.