시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
20,5112015/02/26 2020507  ET ATTACK_RESPONSE MySQL error in HTTP response, possible SQL injection point;  
20,5102015/02/26 2020508  ET ATTACK_RESPONSE MySQL error in HTTP response, possible SQL injection point;  
20,5092015/02/26 2020509  ET ATTACK_RESPONSE MySQL error in HTTP response, possible SQL injection point;  
20,5082015/02/26 2020506  ET ATTACK_RESPONSE MySQL error in HTTP response, possible SQL injection point;  
20,5072015/02/25 2020501  ET CURRENT_EVENTS DRIVEBY Unknown EK Landing;  
20,5062015/02/25 2020504  ET TROJAN Win32/LockScreen CnC Beacon 2;  
20,5052015/02/25 2020505  ET TROJAN Win32.Sality.3 Checkin;  
20,5042015/02/25 2020500  ET CURRENT_EVENTS DRIVEBY Likely Evil EXE with no referer from HFS webserver (used by Unknown EK);  
20,5032015/02/25 2020498  ET CURRENT_EVENTS DRIVEBY Possible Unknown EK HFS CVE-2014-6332;  
20,5022015/02/25 2020503  ET TROJAN Win32/LockScreen CnC Beacon 1;  
20,5012015/02/25 2020502  ET ATTACK_RESPONSE Microsoft Access database error in HTTP response, possible SQL injection point;  
20,5002015/02/23 2020497  ET CURRENT_EVENTS DRIVEBY Angler EK Landing URI Struct Feb 21;  
20,4992015/02/22 2020495  ET CURRENT_EVENTS KaiXin Landing M3;  
20,4982015/02/22 2020494  ET CURRENT_EVENTS KaiXin Secondary Landing Page M2;  
20,4972015/02/22 2020496  ET CURRENT_EVENTS Angler EK Post-infection HTTP Request Feb 20 2015;  
20,4962015/02/21 2020493  ET TROJAN SuperFish Possible SSL Cert Signed By Compromised Root CA; [1,2
20,4952015/02/21 2020489  ET TROJAN SuperFish CnC Beacon 1; [1,2
20,4942015/02/21 2020490  ET TROJAN SuperFish CnC Beacon 2; [1,2
20,4932015/02/21 2020492  ET TROJAN SuperFish Possible SSL Cert CnC Traffic; [1,2
20,4922015/02/21 2020488  ET EXPLOIT Generic ADSL Router DNS Change POST Request; [1
20,4912015/02/21 2020486  ET EXPLOIT Possible ShuttleTech 915WM DNS Change Attempt; [1
20,4902015/02/21 2020487  ET EXPLOIT Generic ADSL Router DNS Change GET Request; [1
20,4892015/02/21 2020485  ET EXPLOIT Possible dlink-DSL2640B DNS Change Attempt; [1
20,4882015/02/21 2020491  ET TROJAN Possible Bedep Connectivity Check (2); [1
20,4872015/02/21 2020484  ET CURRENT_EVENTS Unknown EK Comment in Body;  
20,4862015/02/21 2020480  ET TROJAN Trojan.NSIS.Comame.A Checkin;  
20,4852015/02/21 2020481  ET CURRENT_EVENTS DRIVEBY GENERIC CollectGarbage in Hex String No Seps;  
20,4842015/02/21 2020482  ET CURRENT_EVENTS DRIVEBY GENERIC ShellExecute in Hex No Seps;  
20,4832015/02/21 2020479  ET TROJAN Win32.Beaugrit.gen.AAAA;  
20,4822015/02/21 2020483  ET CURRENT_EVENTS DRIVEBY GENERIC ShellExecute in URLENCODE;  
20,4812015/02/20 2020478  ET CURRENT_EVENTS KaiXin EK Possible Jar Download;  
20,4802015/02/20 2020475  ET POLICY Metasploit Framework Checking For Update;  
20,4792015/02/20 2020476  ET CURRENT_EVENTS KaiXin EK Jar URI Struct;  
20,4782015/02/20 2020474  ET TROJAN Possible Babar POST Request; [1
20,4772015/02/20 2020477  ET CURRENT_EVENTS KaiXin EK Possible Jar Download;  
20,4762015/02/20 2020468  ET TROJAN Desert Falcon Related APT DNS Lookup (blogging-host.info); [1
20,4752015/02/20 2020461  ET TROJAN Desert Falcon APT DNS Lookup (androcity.com); [1
20,4742015/02/20 2020466  ET TROJAN Desert Falcon Related APT DNS Lookup (facebook-emoticons.bitblogoo.com); [1
20,4732015/02/20 2020460  ET CURRENT_EVENTS Possible CVE-2014-6332 DECS2;  
20,4722015/02/20 2020467  ET TROJAN Desert Falcon Related APT DNS Lookup (abuhmaid.net); [1
20,4712015/02/20 2020472  ET TROJAN Desert Falcon APT DNS Lookup (iwork-sys.com); [1
20,4702015/02/20 2020470  ET TROJAN Dridex POST Retrieving Second Stage;  
20,4692015/02/20 2020464  ET TROJAN Desert Falcon Related APT DNS Lookup (nauss-lab.com); [1
20,4682015/02/20 2020471  ET TROJAN Babar POST Request; [1
20,4672015/02/20 2020465  ET TROJAN Desert Falcon Related APT DNS Lookup (nice-mobiles.com); [1
20,4662015/02/20 2020469  ET TROJAN Desert Falcon Related APT DNS Lookup (tvgate.rocks); [1
20,4652015/02/20 2020462  ET TROJAN Desert Falcon APT DNS Lookup (liptona.net); [1
20,4642015/02/20 2020452  ET TROJAN Arid Viper APT Advtravel Campaign DNS Lookup (advtravel.info); [1
20,4632015/02/20 2020459  ET TROJAN Desert Falcon APT DNS Lookup (linkedim.in); [1
20,4622015/02/20 2020454  ET TROJAN Arid Viper APT Advtravel Campaign DNS Lookup (linksis.info); [1
< 131  132  133  134  135  136  137  138  139  140 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.