시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
23,1112016/06/25 2403418  ET CINS Active Threat Intelligence Poor Reputation IP group 119; [1,2
23,1102016/06/25 2403419  ET CINS Active Threat Intelligence Poor Reputation IP group 120; [1,2
23,1092016/06/25 2403414  ET CINS Active Threat Intelligence Poor Reputation IP group 115; [1,2
23,1082016/06/25 2403417  ET CINS Active Threat Intelligence Poor Reputation IP group 118; [1,2
23,1072016/06/25 2403416  ET CINS Active Threat Intelligence Poor Reputation IP group 117; [1,2
23,1062016/06/25 2403415  ET CINS Active Threat Intelligence Poor Reputation IP group 116; [1,2
23,1052016/06/25 2403413  ET CINS Active Threat Intelligence Poor Reputation IP group 114; [1,2
23,1042016/06/25 2403410  ET CINS Active Threat Intelligence Poor Reputation IP group 111; [1,2
23,1032016/06/25 2403411  ET CINS Active Threat Intelligence Poor Reputation IP group 112; [1,2
23,1022016/06/25 2403412  ET CINS Active Threat Intelligence Poor Reputation IP group 113; [1,2
23,1012016/06/25 2403408  ET CINS Active Threat Intelligence Poor Reputation IP group 109; [1,2
23,1002016/06/25 2403409  ET CINS Active Threat Intelligence Poor Reputation IP group 110; [1,2
23,0992016/06/25 2403407  ET CINS Active Threat Intelligence Poor Reputation IP group 108; [1,2
23,0982016/06/25 2403406  ET CINS Active Threat Intelligence Poor Reputation IP group 107; [1,2
23,0972016/06/25 2022915  ET INFO Web Proxy Auto Discovery Protocol WPAD DHCP 252 option Possible BadTunnel;  
23,0962016/06/25 2022914  ET INFO NBNS Name Query Response Possible WPAD Spoof BadTunnel; [1,2
23,0952016/06/25 2022913  ET INFO WinHttp AutoProxy Request wpad.dat Possible BadTunnel; [1,2
23,0942016/06/24 2403402  ET CINS Active Threat Intelligence Poor Reputation IP group 103; [1,2
23,0932016/06/24 2403404  ET CINS Active Threat Intelligence Poor Reputation IP group 105; [1,2
23,0922016/06/24 2022912  ET WEB_SERVER Apache Continuum Arbitrary Command Execution;  
23,0912016/06/24 2022909  ET CURRENT_EVENTS Evil Redirect Leading to EK Jun 22 2016 M1;  
23,0902016/06/24 2022911  ET MALWARE LoadMoney User-Agent;  
23,0892016/06/24 2403405  ET CINS Active Threat Intelligence Poor Reputation IP group 106; [1,2
23,0882016/06/24 2403403  ET CINS Active Threat Intelligence Poor Reputation IP group 104; [1,2
23,0872016/06/24 2022910  ET CURRENT_EVENTS Evil Redirect Leading to EK Jun 22 2016 M2;  
23,0862016/06/23 2403401  ET CINS Active Threat Intelligence Poor Reputation IP group 102; [1,2
23,0852016/06/23 2022907  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL Certificate Detected (Sinkhole); [1
23,0842016/06/23 2022908  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL Certificate Detected (Sinkhole); [1
23,0832016/06/23 2403400  ET CINS Active Threat Intelligence Poor Reputation IP group 101; [1,2
23,0822016/06/22 2022906  ET TROJAN Unknown Ransomware Landing Page;  
23,0812016/06/19 2022905  ET CURRENT_EVENTS Suspicious Hidden Javascript Redirect - Possible Phishing Jun 17; [1
23,0802016/06/18 2022904  ET CURRENT_EVENTS Evil Redirector Leading to EK Jun 15 2016;  
23,0792016/06/17 2022903  ET TROJAN FOX-SRT ShimRatReporter check-in; [1
23,0782016/06/17 2022898  ET CURRENT_EVENTS Evil Redirector Leading to EK Jun 14 2016;  
23,0772016/06/17 2022899  ET TROJAN JS/RAA Ransomware check-in;  
23,0762016/06/17 2022900  ET TROJAN FOX-SRT ShimRat check-in (Data); [1
23,0752016/06/17 2022901  ET TROJAN FOX-SRT ShimRat check-in (php); [1
23,0742016/06/17 2022897  ET TROJAN Win32.Crypren/Zcrypt Ransomware Checkin;  
23,0732016/06/17 2022902  ET TROJAN FOX-SRT ShimRat check-in (Yuok); [1
23,0722016/06/15 2022896  ET CURRENT_EVENTS SUSPICIOUS Firesale gTLD EXE DL with no Referer June 13 2016;  
23,0712016/06/15 2022890  ET WEB_CLIENT Google Chrome Pdfium JPEG2000 Heap Overflow;  
23,0702016/06/15 2022891  ET TROJAN Unknown Botnet Checkin;  
23,0692016/06/15 2022893  ET MALWARE MSIL/Adload.AT Beacon;  
23,0682016/06/15 2022892  ET POLICY External IP Lookup ip-score.com;  
23,0672016/06/15 2022894  ET CURRENT_EVENTS SUSPICIOUS Firesale gTLD IE Flash request to set non-standard filename (some overlap with 2021752);  
23,0662016/06/15 2022895  ET CURRENT_EVENTS Xbagger Macro Encrypted DL Jun 13 2016;  
23,0652016/06/12 2022889  ET TROJAN Bolek HTTP Checkin; [1
23,0642016/06/12 2022888  ET TROJAN Malicious SSL Certificate Detected (Bolek C2); [1
23,0632016/06/10 2022886  ET POLICY BitCoinMiner Cpuminer Login;  
23,0622016/06/10 2022884  ET CURRENT_EVENTS SUSPICIOUS EXE Download from specific file share site (used in recent maldoc campaign);  
< 81  82  83  84  85  86  87  88  89  90 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.