Signature List
No.  Date  ID  Signature (Total Ruleset: 27,111)
22,411  2016/01/23  2022388  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Qadars CnC)
22,410  2016/01/23  2022386  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Qadars CnC)
22,409  2016/01/21  2022385  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dridex)
22,408  2016/01/21  2022384  ET INFO DYNAMIC_DNS Query to a Suspicious *.dnsip.ru Domain
22,407  2016/01/21  2022383  ET INFO DYNAMIC_DNS Query to a Suspicious *.dnsip.ru Domain
22,406  2016/01/21  2022382  ET INFO DYNAMIC_DNS Query to a Suspicious *.dnsip.ru Domain
22,405  2016/01/21  2022380  ET INFO DYNAMIC_DNS HTTP Request to a *.dnsip.ru Domain
22,404  2016/01/21  2022381  ET INFO DYNAMIC_DNS Query to a Suspicious *.dnsip.ru Domain
22,403  2016/01/21  2022379  ET INFO DYNAMIC_DNS HTTP Request to a *.dnsip.ru Domain
22,402  2016/01/21  2022374  ET CURRENT_EVENTS Suspicious LastPass URI Structure - Possible Phishing
22,401  2016/01/21  2022376  ET CURRENT_EVENTS Suspicious Script Loaded from Pastebin
22,400  2016/01/21  2022377  ET INFO DYNAMIC_DNS HTTP Request to a *.dnsip.ru Domain
22,399  2016/01/21  2022372  ET CURRENT_EVENTS Chrome Extension Phishing DNS Request
22,398  2016/01/21  2022373  ET CURRENT_EVENTS Chrome Extension Phishing HTTP Request
22,397  2016/01/21  2022378  ET INFO DYNAMIC_DNS HTTP Request to a *.dnsip.ru Domain
22,396  2016/01/16  2022369  ET EXPLOIT Possible CVE-2016-0777 Server Advertises Suspicious Roaming Support
22,395  2016/01/16  2022370  ET EXPLOIT Possible CVE-2016-0777 Client Sent Roaming Resume Request
22,394  2016/01/16  2022371  ET P2P MS WUDO Peer Sync
22,393  2016/01/15  2022367  ET TROJAN ELF.STD.ddos Checkin
22,392  2016/01/15  2022368  ET POLICY External IP Lookup - ip.tyk.nu
22,391  2016/01/15  2022365  ET CURRENT_EVENTS Fake Virus Phone Scam Landing Jan 13 M2
22,390  2016/01/15  2022366  ET CURRENT_EVENTS Fake Virus Phone Scam Landing Jan 13 M3
22,389  2016/01/15  2022364  ET CURRENT_EVENTS Fake Virus Phone Scam Landing Jan 13 M1
22,388  2016/01/14  2022363  ET TROJAN Win32/Agent.XST Keepalive
22,387  2016/01/14  2022362  ET TROJAN Win32/Agent.XST Checkin
22,386  2016/01/14  2022360  ET TROJAN TrochilusRAT CnC Beacon 1
22,385  2016/01/14  2022361  ET TROJAN TrochilusRAT CnC Beacon 2
22,384  2016/01/14  2022355  ET TROJAN EvilGrab or APT.9002 DNS Lookup (secvies.com)
22,383  2016/01/14  2022356  ET TROJAN TrochilusRAT DNS Lookup (security-centers.com)
22,382  2016/01/14  2022357  ET TROJAN Linux/Torte Downloading Binary
22,381  2016/01/14  2022358  ET TROJAN Linux/Torte Checkin
22,380  2016/01/14  2022359  ET WEB_SERVER WEBSHELL Linux/Torte Uploaded
22,379  2016/01/14  2022354  ET MALWARE DealPly Adware CnC Beacon 4
22,378  2016/01/14  2022353  ET EXPLOIT TrendMicro node.js HTTP RCE Exploit Inbound (showSB)
22,377  2016/01/14  2022352  ET EXPLOIT TrendMicro node.js HTTP RCE Exploit Inbound (openUrlInDefaultBrowser)
22,376  2016/01/13  2022348  ET WEB_SERVER WEBSHELL JSP/Backdoor Shell Access
22,375  2016/01/13  2022349  ET CURRENT_EVENTS CoinMiner Malicious Authline Seen in JAR Backdoor
22,374  2016/01/13  2022350  ET WEB_SPECIFIC_APPS Invalid/Suspicious User-Agent (PHP)
22,373  2016/01/13  2022351  ET POLICY External IP Lookup - ipecho.net
22,372  2016/01/11  2523414  ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 708
22,371  2016/01/11  2523412  ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 707
22,370  2016/01/11  2523396  ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 699
22,369  2016/01/11  2523410  ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 706
22,368  2016/01/11  2523400  ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 701
22,367  2016/01/11  2523406  ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 704
22,366  2016/01/11  2523408  ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 705
22,365  2016/01/11  2523404  ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 703
22,364  2016/01/11  2523402  ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 702
22,363  2016/01/11  2523398  ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 700
22,362  2016/01/10  2022345  ET TROJAN Win32/Bulta CnC Beacon
GigaVPN & GigaIPS are based on MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.