시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
21,1112015/05/20 2021115  ET TROJAN CTB-Locker .onion Proxy Domain (tlunjscxn5n76iyz); [1
21,1102015/05/20 2021112  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dridex CnC); [1
21,1092015/05/20 2021117  ET TROJAN Win32/Rallovs.A CnC Beacon; [1
21,1082015/05/20 2021116  ET TROJAN Possible APT17 CnC Content in Public Website; [1
21,1072015/05/20 2021113  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dyre CnC); [1
21,1062015/05/20 2021114  ET TROJAN Yahoyah CnC Beacon; [1
21,1052015/05/17 2021111  ET TROJAN DDoS.Win32/Nitol.B Checkin;  
21,1042015/05/17 2021109  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Ransomware CnC); [1
21,1032015/05/17 2021108  ET TROJAN APT Hellsing Proxy Checker Checkin; [1
21,1022015/05/17 2021105  ET TROJAN FrauDrop UA single;  
21,1012015/05/17 2021104  ET TROJAN FrauDrop UA LETITGO;  
21,1002015/05/17 2021110  ET CURRENT_EVENTS DNSChanger EK Secondary Landing May 12 2015 M2;  
21,0992015/05/17 2021103  ET TROJAN FrauDrop Checkin;  
21,0982015/05/17 2021107  ET TROJAN Win32/Zemot Fake Search Page;  
21,0972015/05/17 2021106  ET CURRENT_EVENTS Possible Dridex Downloader SSL Certificate;  
21,0962015/05/17 2021101  ET TROJAN Generic Dropper Installing PUP 1;  
21,0952015/05/17 2021102  ET TROJAN Likely Dridex Generic SSL Cert;  
21,0942015/05/17 2021099  ET MALWARE PUP.GigaClicks Checkin;  
21,0932015/05/17 2021100  ET TROJAN Generic Dropper Installing PUP 2;  
21,0922015/05/16 2021098  ET TROJAN Win32/Troldesh.A SSL Cert;  
21,0912015/05/16 2021097  ET TROJAN Win32/Ruckguv.A SSL Cert;  
21,0902015/05/16 2021096  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Malware CnC); [1
21,0892015/05/15 2500176  ET COMPROMISED Known Compromised or Hostile Host Traffic group 89; [1
21,0882015/05/15 2021095  ET TROJAN Putty SSH Credential Stealer;  
21,0872015/05/15 2021094  ET MALWARE Win32/Toolbar.Conduit.AG Checkin;  
21,0862015/05/15 2021092  ET CURRENT_EVENTS Download file with BITS via LNK file (Likely Malicious);  
21,0852015/05/15 2021093  ET CURRENT_EVENTS Possible Dridex Remote Macro Download;  
21,0842015/05/14 2021091  ET TROJAN VaultCrypt Checkin;  
21,0832015/05/14 2021089  ET CURRENT_EVENTS WebRTC IP tracker Observed in DNSChanger EK May 12 2015; [1
21,0822015/05/14 2021090  ET CURRENT_EVENTS DNSChanger EK Landing May 12 2015;  
21,0812015/05/14 2021088  ET TROJAN Unknown Downloader CnC Beacon 2;  
21,0802015/05/13 2500174  ET COMPROMISED Known Compromised or Hostile Host Traffic group 88; [1
21,0792015/05/13 2500172  ET COMPROMISED Known Compromised or Hostile Host Traffic group 87; [1
21,0782015/05/13 2021086  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS CnC); [1
21,0772015/05/13 2021087  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Ransomware CnC); [1
21,0762015/05/10 2500170  ET COMPROMISED Known Compromised or Hostile Host Traffic group 86; [1
21,0752015/05/10 2500166  ET COMPROMISED Known Compromised or Hostile Host Traffic group 84; [1
21,0742015/05/10 2500168  ET COMPROMISED Known Compromised or Hostile Host Traffic group 85; [1
21,0732015/05/10 2021083  ET CURRENT_EVENTS Possible CryptoPHP Leaking Credentials May 8 2015 M3; [1
21,0722015/05/10 2021080  ET TROJAN Enfal CnC GET;  
21,0712015/05/10 2021085  ET TROJAN Cryptolocker .onion Proxy Domain (24u4jf7s4regu6hn);  
21,0702015/05/10 2021081  ET CURRENT_EVENTS Possible CryptoPHP Leaking Credentials May 8 2015 M1; [1
21,0692015/05/10 2021082  ET CURRENT_EVENTS Possible CryptoPHP Leaking Credentials May 8 2015 M2; [1
21,0682015/05/10 2021084  ET TROJAN TeslaCrypt/AlphaCrypt Variant .onion Proxy Domain (iq3ahijcfeont3xx);  
21,0672015/05/10 2021077  ET TROJAN TeslaCrypt/AlphaCrypt Variant .onion Proxy Domain (is6xsotjdy4qtgur); [1,2
21,0662015/05/10 2021079  ET TROJAN Enfal CnC POST;  
21,0652015/05/10 2021078  ET WEB_CLIENT Possible CVE-2013-1710/CVE-2012-3993 Firefox Exploit Attempt;  
21,0642015/05/08 2500158  ET COMPROMISED Known Compromised or Hostile Host Traffic group 80; [1
21,0632015/05/08 2021061  ET TROJAN Ursnif SSL Cert;  
21,0622015/05/08 2021062  ET WEB_SPECIFIC_APPS WP Jetpack/Twentyfifteen Possible XSS Request; [1
< 121  122  123  124  125  126  127  128  129  130 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.