시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
22,3612016/01/10 2022347  ET TROJAN Win32/Bulta DNS Lookup (yk.ftwxw.com);  
22,3602016/01/10 2022346  ET TROJAN Win32/Bulta DNS Lookup (kugo.f3322.net);  
22,3592016/01/09 2523388  ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 695; [1
22,3582016/01/09 2523394  ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 698; [1
22,3572016/01/09 2523390  ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 696; [1
22,3562016/01/09 2523386  ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 694; [1
22,3552016/01/09 2523392  ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 697; [1
22,3542016/01/09 2523384  ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 693; [1
22,3532016/01/09 2022343  ET TROJAN DustySky Payload Link Request; [1
22,3522016/01/09 2022341  ET CURRENT_EVENTS Evil Redirector Leading to EK Jan 6th 2016 M2;  
22,3512016/01/09 2022342  ET POLICY HotSpotShield Activity;  
22,3502016/01/08 2022339  ET CURRENT_EVENTS Dridex Download 6th Jan 2016 Flowbit;  
22,3492016/01/08 2022340  ET CURRENT_EVENTS W32/Dridex Binary Download 6th Jan 2016;  
22,3482016/01/08 2022335  ET TROJAN ELF.MrBlack DOS.TF Malformed Lookup (/lib32/libc.so.6); [1
22,3472016/01/08 2022338  ET CURRENT_EVENTS Evil Redirector Leading to EK Jan 6th 2016 M1;  
22,3462016/01/08 2022336  ET TROJAN ELF.MrBlack DOS.TF Variant; [1
22,3452016/01/08 2022337  ET TROJAN Win32.Nitol.K Variant CnC;  
22,3442016/01/07 2523380  ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 691; [1
22,3432016/01/07 2523382  ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 692; [1
22,3422016/01/07 2523376  ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 689; [1
22,3412016/01/07 2022332  ET POLICY DNS Query to .onion proxy Domain (onion.link);  
22,3402016/01/07 2523378  ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 690; [1
22,3392016/01/07 2523374  ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 688; [1
22,3382016/01/07 2022331  ET TROJAN NanoLocker Check-in (ICMP) M1; [1
22,3372016/01/07 2022333  ET TROJAN Cryptojoker Checkin; [1
22,3362016/01/07 2022334  ET TROJAN Malicious VBS Downloader fake image zip;  
22,3352016/01/06 2022329  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM); [1
22,3342016/01/06 2022330  ET TROJAN NanoLocker Check-in (ICMP) M2; [1
22,3332016/01/06 2022327  ET TROJAN BlackEnergy SSL Cert; [1
22,3322016/01/06 2022328  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM); [1
22,3312016/01/02 2403389  ET CINS Active Threat Intelligence Poor Reputation IP group 90; [1,2
22,3302016/01/02 2403386  ET CINS Active Threat Intelligence Poor Reputation IP group 87; [1,2
22,3292016/01/02 2403387  ET CINS Active Threat Intelligence Poor Reputation IP group 88; [1,2
22,3282016/01/02 2403388  ET CINS Active Threat Intelligence Poor Reputation IP group 89; [1,2
22,3272016/01/02 2403384  ET CINS Active Threat Intelligence Poor Reputation IP group 85; [1,2
22,3262016/01/02 2403385  ET CINS Active Threat Intelligence Poor Reputation IP group 86; [1,2
22,3252016/01/02 2403383  ET CINS Active Threat Intelligence Poor Reputation IP group 84; [1,2
22,3242016/01/02 2022326  ET POLICY SSHv2 Server KEX Detected within Banner on Unusual Port; [1
22,3232016/01/02 2022324  ET TROJAN Malicious SSL certificate detected (Possible Sinkhole);  
22,3222016/01/02 2022325  ET POLICY SSHv2 Server KEX Detected within Banner on Expected Port; [1
22,3212016/01/02 2022321  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM); [1
22,3202016/01/02 2022323  ET TROJAN Malicious SSL certificate detected (Possible Sinkhole);  
22,3192016/01/02 2022322  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM); [1
22,3182015/12/31 2022320  ET CURRENT_EVENTS Tech Support Phone Scam Landing Dec 30 M2;  
22,3172015/12/31 2022317  ET TROJAN Zbot download config - SET;  
22,3162015/12/31 2022319  ET CURRENT_EVENTS Tech Support Phone Scam Landing Dec 30 M1;  
22,3152015/12/31 2022318  ET TROJAN Zbot download config;  
22,3142015/12/30 2022315  ET TROJAN TeslaCrypt/AlphaCrypt Variant .onion Payment Domain (o7zeip6us33igmgw);  
22,3132015/12/30 2022313  ET CURRENT_EVENTS Evil Redirector Leading to EK Mon Dec 26 2015 2;  
22,3122015/12/30 2022314  ET TROJAN TeslaCrypt/AlphaCrypt Variant .onion Payment Domain (czc57cr2pn3zfn4b);  
< 91  92  93  94  95  96  97  98  99  100 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.