Signature List
No.  Date  ID  Signature (Total Ruleset: 27,111 rules)
20,911  2015/04/17  2020914  ET POLICY Exe32Pack Packed Executable Download
20,910  2015/04/17  2020916  ET EXPLOIT Possible Redirect to SMB exploit attempt - 302
20,909  2015/04/17  2020917  ET EXPLOIT Possible Redirect to SMB exploit attempt - 301
20,908  2015/04/17  2020913  ET TROJAN W32/Farfli.BHQ!tr Dropper CnC Beacon 2
20,907  2015/04/17  2020915  ET TROJAN CryptoLocker .onion Proxy Domain (33p5mqkaj22irv4z)
20,906  2015/04/17  2020912  ET WEB_SERVER Possible IIS Integer Overflow DoS (CVE-2015-1635)
20,905  2015/04/16  2020910  ET TROJAN Win32/Ruckguv.A Requesting Payload
20,904  2015/04/16  2020911  ET CURRENT_EVENTS Likely Dridex Multi-part Macro Download M1
20,903  2015/04/16  2020909  ET TROJAN CoinVault CnC Beacon Response
20,902  2015/04/16  2020908  ET TROJAN CoinVault CnC Beacon M2
20,901  2015/04/16  2020907  ET TROJAN CoinVault CnC Beacon M1
20,900  2015/04/16  2020906  ET TROJAN CoinVault Mailer CnC Beacon
20,899  2015/04/15  2020901  ET TROJAN Possible APT30 Fake Mozilla UA
20,898  2015/04/15  2020905  ET CURRENT_EVENTS SPL2 EK Post-Compromise Data Dump M3
20,897  2015/04/15  2020903  ET CURRENT_EVENTS SPL2 EK Post-Compromise Data Dump M1
20,896  2015/04/15  2020900  ET TROJAN Emotet v2 Exfiltrating Outlook information
20,895  2015/04/15  2020902  ET TROJAN LankerBoy HTTP CnC Beacon
20,894  2015/04/15  2020904  ET CURRENT_EVENTS SPL2 EK Post-Compromise Data Dump M2
20,893  2015/04/15  2020899  ET EXPLOIT D-Link Devices Home Network Administration Protocol Command Execution
20,892  2015/04/15  2020898  ET TROJAN Possible APT30 or Win32/Nuclear HTTP Framework POST
20,891  2015/04/15  2020897  ET TROJAN Possible APT30 or Win32/Nuclear HTTP Framework
20,890  2015/04/15  2020896  ET CURRENT_EVENTS DRIVEBY Router DNS Changer Apr 07 2015 M2
20,889  2015/04/12  2020894  ET CURRENT_EVENTS DRIVEBY EXE Embeded in Page Likely Evil M2
20,888  2015/04/12  2020895  ET CURRENT_EVENTS Magnitude Flash Exploit (IE) M2
20,887  2015/04/12  2020892  ET TROJAN Possible Maldoc Retrieving Dridex from pastebin
20,886  2015/04/12  2020893  ET CURRENT_EVENTS DRIVEBY EXE Embeded in Page Likely Evil M1
20,885  2015/04/12  2020891  ET TROJAN Operation Buhtrap CnC Beacon 2
20,884  2015/04/12  2020890  ET TROJAN Operation Buhtrap CnC Beacon 1
20,883  2015/04/12  2020888  ET INFO invalid.cab domain in SNI
20,882  2015/04/12  2020889  ET TROJAN Vobus/Beebone Sinkhole DNS Reply
20,881  2015/04/11  2020887  ET TROJAN Shellshock Worm Checkin
20,880  2015/04/11  2020886  ET TROJAN Kriptovor External IP Lookup checkip.dyndns.org
20,879  2015/04/11  2020883  ET TROJAN Kriptovor Checkin
20,878  2015/04/11  2020884  ET TROJAN Kriptovor SMTP Traffic
20,877  2015/04/11  2020885  ET TROJAN Kriptovor Retrieving RAR Payload
20,876  2015/04/10  2020882  ET TROJAN Win32/Teslacrypt Ransomware .onion domain (epmhyca5ol6plmx3)
20,875  2015/04/10  2020881  ET MALWARE PUP Win32/AdWare.Sendori User-Agent
20,874  2015/04/10  2020879  ET EXPLOIT Linksys WRT54GL DNS Change GET Request
20,873  2015/04/10  2020880  ET EXPLOIT TP-LINK TL-WR750N DNS Change GET Request
20,872  2015/04/10  2020877  ET EXPLOIT Known Malicious Router DNS Change GET Request
20,871  2015/04/10  2020878  ET EXPLOIT TP-LINK TL-WR841N Router DNS Change GET Request
20,870  2015/04/10  2020874  ET EXPLOIT Netgear DGN1000B Router DNS Change GET Request
20,869  2015/04/10  2020876  ET EXPLOIT Tenda ADSL2/2 Router DNS Change GET Request
20,868  2015/04/10  2020875  ET EXPLOIT Belkin G F5D7230-4 Router DNS Change GET Request
20,867  2015/04/10  2020869  ET POLICY DNS Query to .onion proxy Domain (wh47f2as19.com)
20,866  2015/04/10  2020871  ET EXPLOIT ASUS RT N56U Router DNS Change GET Request 3
20,865  2015/04/10  2020873  ET EXPLOIT D-link DI604 Known Malicious Router DNS Change GET Request
20,864  2015/04/10  2020872  ET EXPLOIT TP-LINK Known Malicious Router DNS Change GET Request
20,863  2015/04/10  2020868  ET EXPLOIT FritzBox RCE GET Request
20,862  2015/04/10  2020864  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS CnC)
GigaVPN & GigaIPS are based on MikroTik, Suricata and EmergingThreats.