시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
22,7612016/04/07 2022712  ET EXPLOIT Dameware DMRC Buffer Overflow Attempt (CVE-2016-2345); [1
22,7602016/04/07 2022707  ET TROJAN LuminosityLink - Data Channel Client Request 2;  
22,7592016/04/07 2022710  ET TROJAN LuminosityLink - CnC;  
22,7582016/04/07 2022711  ET TROJAN TeslaCrypt/AlphaCrypt Variant .onion Payment Domain(xzjvzkgjxebzreap);  
22,7572016/04/07 2022709  ET TROJAN LuminosityLink - CnC Password Exfil;  
22,7562016/04/07 2022706  ET TROJAN ABUSE.CH Ransomware Domain Detected (TorrentLocker C2); [1
22,7552016/04/07 2022703  ET TROJAN ABUSE.CH Ransomware Domain Detected (TorrentLocker C2); [1
22,7542016/04/07 2022705  ET TROJAN ABUSE.CH Ransomware Domain Detected (TorrentLocker C2); [1
22,7532016/04/07 2022708  ET TROJAN LuminosityLink - Data Channel Server Response 2;  
22,7522016/04/07 2022701  ET EXPLOIT Quanta LTE Router RDE Exploit Attempt 2 (traceroute); [1
22,7512016/04/07 2022702  ET TROJAN ABUSE.CH Ransomware Domain Detected (TorrentLocker C2); [1
22,7502016/04/07 2022698  ET EXPLOIT Quanta LTE Router Information Disclosure Exploit Attempt; [1
22,7492016/04/07 2022700  ET EXPLOIT Quanta LTE Router RDE Exploit Attempt 1 (ping); [1
22,7482016/04/07 2022704  ET TROJAN ABUSE.CH Ransomware Domain Detected (TorrentLocker C2); [1
22,7472016/04/07 2022699  ET EXPLOIT Quanta LTE Router UDP Backdoor Activation Attempt; [1
22,7462016/04/05 2200085  SURICATA IPv6-in-IPv6 invalid protocol;  
22,7452016/04/05 2221026  SURICATA HTTP request server port doesn't match TCP port;  
22,7442016/04/05 2200084  SURICATA IPv6-in-IPv6 packet too short;  
22,7432016/04/05 2200082  SURICATA IPv4-in-IPv6 packet too short;  
22,7422016/04/05 2022697  ET CURRENT_EVENTS Fake AV Phone Scam Landing Apr 4;  
22,7412016/04/05 2022484  ET CURRENT_EVENTS RIG encrypted payload Feb 02 (1);  
22,7402016/04/05 2022552  ET TROJAN FrameworkPOS CnC Server Reporting IP Address To Agent; [1
22,7392016/04/05 2022696  ET CURRENT_EVENTS Possible Fake AV Phone Scam Long Domain Apr 4;  
22,7382016/04/05 2200083  SURICATA IPv4-in-IPv6 invalid protocol;  
22,7372016/04/05 2022578  ET CURRENT_EVENTS Phishing Landing Obfuscation Mar 1; [1
22,7362016/04/05 2021736  ET CURRENT_EVENTS Possible Dyre SSL Cert Aug 31 2015; [1
22,7352016/04/05 2021735  ET CURRENT_EVENTS Possible Dyre SSL Cert Aug 31 2015; [1
22,7342016/04/05 2021225  ET DELETED Possible Upatre or Dyre SSL Cert June 9 2015;  
22,7332016/04/05 2021383  ET TROJAN Possible Zberp receiving config via image file (steganography) 2; [1
22,7322016/04/05 2021249  ET CURRENT_EVENTS Possible Evil Redirector Leading to EK June 11 2015;  
22,7312016/04/05 2021382  ET TROJAN Possible Zberp receiving config via image file (steganography); [1,2
22,7302016/04/05 2019345  ET CURRENT_EVENTS Possible CryptoLocker TorComponent DL; [1
22,7292016/04/05 2021381  ET TROJAN Zberp receiving config via image file - SET; [1,2
22,7282016/04/05 2021059  ET CURRENT_EVENTS Angler EK XTEA encrypted binary (23);  
22,7272016/04/03 2022695  ET CURRENT_EVENTS Fake AV Phone Scam Landing Apr 1;  
22,7262016/04/03 2404424  ET CNC Ransomware Tracker Reported CnC Server group 25; [1,2
22,7252016/04/03 2022694  ET MALWARE Win32/SmartTab PUP Install Activity 2;  
22,7242016/04/01 2404422  ET CNC Ransomware Tracker Reported CnC Server group 23; [1,2
22,7232016/04/01 2404423  ET CNC Ransomware Tracker Reported CnC Server group 24; [1,2
22,7222016/04/01 2404421  ET CNC Ransomware Tracker Reported CnC Server group 22; [1,2
22,7212016/04/01 2022693  ET EXPLOIT TrendMicro node.js (Remote Debugger); [1
22,7202016/04/01 2022692  ET TROJAN JS/Nemucod requesting EXE payload 2016-03-31; [1
22,7192016/04/01 2022690  ET CURRENT_EVENTS Possible Fake AV Phone Scam Long Domain Mar 30 M1;  
22,7182016/04/01 2022691  ET CURRENT_EVENTS Possible Fake AV Phone Scam Long Domain Mar 30 M2;  
22,7172016/04/01 2022689  ET TROJAN Win32/Backdoor.Dripion HTTP CnC Checkin; [1
22,7162016/04/01 2022688  ET TROJAN Win32/Backdoor.Dripion External IP Check; [1
22,7152016/04/01 2022687  ET POLICY External IP Address Lookup via dawhois.com;  
22,7142016/04/01 2022684  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Zeus CnC); [1
22,7132016/04/01 2022686  ET CURRENT_EVENTS Likely Evil Macro EXE DL mar 28 2016;  
22,7122016/04/01 2022685  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Quakbot CnC); [1
< 81  82  83  84  85  86  87  88  89  90 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.