시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
20,3612015/02/05 2020352  ET CURRENT_EVENTS DRIVEBY Nuclear EK Landing Feb 03 2015 M2;  
20,3602015/02/05 2020351  ET CURRENT_EVENTS Possible Dridex e-mail inbound;  
20,3592015/02/05 2020350  ET CURRENT_EVENTS Facebook Trojan 2015-01-29 / Symmi variant payload retrieval; [1
20,3582015/02/05 2020353  ET MOBILE_MALWARE Android/SMSThief.F Banker CnC Beacon; [1
20,3572015/02/05 2020354  ET CURRENT_EVENTS DRIVEBY Nuclear EK Landing Feb 03 2015 M2;  
20,3562015/02/05 2020349  ET CURRENT_EVENTS Facebook Trojan 2015-01-29 / Symmi variant Checkin response; [1
20,3552015/02/05 2020348  ET CURRENT_EVENTS Facebook Trojan 2015-01-29 / Symmi variant Checkin; [1
20,3542015/02/04 2020347  ET CURRENT_EVENTS Chaintor/Tordal User-Agent spotted downloading payload;  
20,3532015/02/04 2020345  ET TROJAN ArcDoor Intial Checkin;  
20,3522015/02/04 2020344  ET TROJAN ArcDoor UserAgent;  
20,3512015/02/04 2020343  ET MOBILE_MALWARE Android Syria-Twitter Checkin; [1
20,3502015/02/04 2020346  ET TROJAN Dropper YABROD Downloading Files; [1
20,3492015/02/02 2400026  ET DROP Spamhaus DROP Listed Traffic Inbound group 27; [1
20,3482015/02/02 2020342  ET CURRENT_EVENTS DRIVEBY Nuclear EK Landing Feb 01 2015 M2;  
20,3472015/01/31 2020338  ET WEB_SERVER WPScan User Agent; [1
20,3462015/01/31 2020340  ET TROJAN f0xy Checkin; [1
20,3452015/01/31 2020341  ET TROJAN f0xy Download; [1
20,3442015/01/31 2020339  ET TROJAN f0xy Checkin; [1
20,3432015/01/31 2020330  ET TROJAN Unknown Mailer CnC Beacon;  
20,3422015/01/31 2020331  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS CnC); [1
20,3412015/01/31 2020336  ET TROJAN MSIL/Agent.PYO Possible net.tcp CnC Beacon (stat); [1
20,3402015/01/31 2020334  ET TROJAN MSIL/Agent.PYO Retrieving Config; [1
20,3392015/01/31 2020337  ET TROJAN MSIL/Agent.PYO Possible net.tcp CnC Beacon (control); [1
20,3382015/01/31 2020335  ET TROJAN MSIL/Agent.PYO Receiving Config; [1
20,3372015/01/31 2020332  ET CURRENT_EVENTS Possible PHISH Dropbox - Landing Page - Title over non SSL;  
20,3362015/01/31 2020333  ET TROJAN MSIL/Agent.PYO Retrieving Update; [1
20,3352015/01/31 2020329  ET TROJAN Unknown Mailer CnC Beacon 2;  
20,3342015/01/30 2020326  ET EXPLOIT CVE-2015-0235 Exim Buffer Overflow Attempt (EHLO); [1
20,3332015/01/30 2020325  ET EXPLOIT CVE-2015-0235 Exim Buffer Overflow Attempt (HELO); [1
20,3322015/01/30 2020327  ET WEB_SPECIFIC_APPS Wordpress PingBack Possible GHOST attempt;  
20,3312015/01/30 2020324  ET POLICY Onion2Web Tor Proxy Cookie; [1
20,3302015/01/30 2020328  ET CURRENT_EVENTS Possible Dridex Campaign Download Jan 28 2014;  
20,3292015/01/30 2020319  ET CURRENT_EVENTS DRIVEBY Nuclear EK Landing Jan 27 2015 M2;  
20,3282015/01/30 2020323  ET WEB_SERVER Heimdallbot Attack Tool Inbound;  
20,3272015/01/30 2020322  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS CnC); [1
20,3262015/01/30 2020321  ET CURRENT_EVENTS Job314/Neutrino Reboot EK Landing Jan 27 2015;  
20,3252015/01/30 2020320  ET CURRENT_EVENTS Job314/Neutrino Reboot EK Landing Jan 27 2015;  
20,3242015/01/30 2020318  ET CURRENT_EVENTS DRIVEBY Nuclear EK Landing Jan 27 2015 M1;  
20,3232015/01/29 2020316  ET TROJAN KL-Remote / Cryp_Banker14 RAT response;  
20,3222015/01/29 2020317  ET CURRENT_EVENTS DRIVEBY Nuclear EK SilverLight M2;  
20,3212015/01/29 2020315  ET TROJAN KL-Remote / Cryp_Banker14 RAT connection;  
20,3202015/01/28 2020314  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS CnC); [1
20,3192015/01/28 2020309  ET TROJAN Regin Hopscotch Module Accessing SMB2 Named Pipe (Unicode) 1; [1
20,3182015/01/28 2020310  ET TROJAN Regin Hopscotch Module Accessing SMB Named Pipe (Unicode) 2; [1
20,3172015/01/28 2020311  ET CURRENT_EVENTS DRIVEBY Nuclear EK SWF M2;  
20,3162015/01/28 2020312  ET CURRENT_EVENTS DRIVEBY Nuclear EK SWF M2;  
20,3152015/01/28 2020313  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS CnC); [1
20,3142015/01/28 2020308  ET TROJAN Dyre Downloading Mailer;  
20,3132015/01/24 2020303  ET TROJAN W32/AGENT.NXNX Checkin 2; [1,2
20,3122015/01/24 2020298  ET TROJAN Win32/Scieron-A UA (HTClient); [1
< 131  132  133  134  135  136  137  138  139  140 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.