시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
22,3112015/12/30 2022316  ET TROJAN TeslaCrypt/AlphaCrypt Variant .onion Payment Domain (vr6g2curb2kcidou);  
22,3102015/12/30 2022312  ET CURRENT_EVENTS Evil Redirector Leading to EK Mon Dec 26 2015;  
22,3092015/12/25 2022310  ET TROJAN BBSRAT GET request CnC; [1
22,3082015/12/25 2022304  ET CURRENT_EVENTS Evil Redirect Leading to EK Dec 22 2015 (Proxy Filtering);  
22,3072015/12/25 2022305  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (TorrentLocker CnC); [1
22,3062015/12/25 2022306  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (TorrentLocker CnC); [1
22,3052015/12/25 2022311  ET TROJAN BBSRAT POST request CnC; [1
22,3042015/12/25 2022303  ET TROJAN ASCII Executable Inside of MSCOFF File DL Over HTTP;  
22,3032015/12/25 2022308  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM); [1
22,3022015/12/25 2022309  ET TROJAN Powersploit Framework Script Downloaded;  
22,3012015/12/25 2022307  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (TorrentLocker CnC); [1
22,3002015/12/23 2022296  ET POLICY IOS Download from Vshare Marketplace (Possible DarkSideLoading);  
22,2992015/12/23 2022298  ET TROJAN Ironhalo CnC Beacon;  
22,2982015/12/23 2022299  ET POLICY FOX-SRT - Juniper ScreenOS SSH World Reachable; [1
22,2972015/12/23 2022300  ET TROJAN AlphaCrypt CnC Beacon 6;  
22,2962015/12/23 2022301  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM); [1
22,2952015/12/23 2022302  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM); [1
22,2942015/12/23 2022297  ET POLICY Android Download from Vshare Marketplace (Possible DarkSideLoading);  
22,2932015/12/22 2022295  ET WEB_SERVER WeBaCoo Web Backdoor Detected; [1
22,2922015/12/22 2022291  ET WEB_CLIENT Juniper ScreenOS telnet Backdoor Default Password Attempt; [1
22,2912015/12/22 2022294  ET TROJAN Kelihos CnC Server Activity; [1
22,2902015/12/22 2022292  ET TROJAN Possible Gootkit CnC SSL Cert M8;  
22,2892015/12/22 2022293  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM); [1
22,2882015/12/22 2022290  ET CURRENT_EVENTS Evil Redirector Leading to EK Mon Dec 21 2015 5; [1
22,2872015/12/22 2022288  ET MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw/SlemBunk Checkin; [1
22,2862015/12/22 2022289  ET MOBILE_MALWARE Android/SlemBunk.Banker Phished Credentials Upload; [1
22,2852015/12/19 2022276  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM); [1
22,2842015/12/19 2022281  ET TROJAN Win32/Nivdort Posting Data 2; [1
22,2832015/12/19 2022282  ET TROJAN Win32/ProPoS CnC Beacon; [1
22,2822015/12/19 2022283  ET TROJAN FAKBEN Ransomware;  
22,2812015/12/19 2022285  ET INFO ZoneAlarm Download Flowbit Set;  
22,2802015/12/19 2022279  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dridex); [1
22,2792015/12/19 2022280  ET TROJAN Win32/Nivdort Posting Data 1; [1
22,2782015/12/19 2022277  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM); [1
22,2772015/12/19 2022284  ET TROJAN AlphaCrypt CnC Beacon 5;  
22,2762015/12/19 2022286  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM); [1
22,2752015/12/19 2022287  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM); [1
22,2742015/12/19 2022278  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM); [1
22,2732015/12/19 2022275  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Malware CnC); [1
22,2722015/12/19 2022273  ET TROJAN Sakula DNS Lookup (inocnation.com); [1
22,2712015/12/19 2022272  ET TROJAN Sakula DNS Lookup (mail.cbppnews.com); [1
22,2702015/12/19 2022270  ET CURRENT_EVENTS Possible Evil Macro Downloading Trojan Dec 16 2015 Post to EXE;  
22,2692015/12/19 2022271  ET INFO SUSPICIOUS Possible Evil Download wsf Double Ext No Referer;  
22,2682015/12/18 2022269  ET TROJAN Possible Derusbi/Winnti Receiving Configuration; [1
22,2672015/12/17 2022268  ET EXPLOIT Joomla RCE M3 (Serialized PHP in XFF); [1
22,2662015/12/17 2022267  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM); [1
22,2652015/12/17 2022266  ET INFO Possible MSXMLHTTP Request (msp) unset (no exe);  
22,2642015/12/17 2022263  ET EXPLOIT Joomla RCE M2 (Serialized PHP in UA); [1
22,2632015/12/17 2022264  ET INFO Possible MSXMLHTTP Request (exe) unset (no exe);  
22,2622015/12/17 2022265  ET INFO Possible MSXMLHTTP Request (msi) unset (no exe);  
< 91  92  93  94  95  96  97  98  99  100 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.