Signature List
No.  Date  ID  Signature (Total Ruleset: 27,111)
21,011  2015/04/29  2021018  ET EXPLOIT WNR2000v4 HTTP POST RCE Attempt Via Timestamp Discovery; [1
21,010  2015/04/29  2021015  ET TROJAN Win32/Ruckguv.A SSL Cert;
21,009  2015/04/29  2021016  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Ransomware CnC); [1
21,008  2015/04/29  2021014  ET TROJAN CryptoWall SSL Cert;
21,007  2015/04/29  2021013  ET TROJAN Likely Dridex Generic SSL Cert;
21,006  2015/04/29  2021012  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 100; [1,2
21,005  2015/04/26  2021009  ET TROJAN Email Contains wininet.dll Call - Potentially Dridex MalDoc 1;
21,004  2015/04/26  2021011  ET TROJAN Email Contains wininet.dll Call - Potentially Dridex MalDoc 3;
21,003  2015/04/26  2021010  ET TROJAN Email Contains wininet.dll Call - Potentially Dridex MalDoc 2;
21,002  2015/04/26  2021008  ET TROJAN Email Contains InternetOpen WinInet API Call - Potentially Dridex MalDoc 3;
21,001  2015/04/26  2021005  ET WEB_SPECIFIC_APPS Vulnerable Magento Adminhtml Access; [1
21,000  2015/04/26  2021006  ET TROJAN Email Contains InternetOpen WinInet API Call - Potentially Dridex MalDoc 1;
20,999  2015/04/26  2021007  ET TROJAN Email Contains InternetOpen WinInet API Call - Potentially Dridex MalDoc 2;
20,998  2015/04/26  2021004  ET CURRENT_EVENTS Fiesta Payload/Exploit URI Struct M9;
20,997  2015/04/26  2021003  ET CURRENT_EVENTS Fiesta Payload/Exploit URI Struct M8;
20,996  2015/04/26  2021002  ET CURRENT_EVENTS Fiesta Payload/Exploit URI Struct M7;
20,995  2015/04/26  2021001  ET CURRENT_EVENTS Fiesta Payload/Exploit URI Struct M6;
20,994  2015/04/26  2020999  ET CURRENT_EVENTS Fiesta Payload/Exploit URI Struct M4;
20,993  2015/04/26  2021000  ET CURRENT_EVENTS Fiesta Payload/Exploit URI Struct M5;
20,992  2015/04/26  2020998  ET CURRENT_EVENTS Fiesta Payload/Exploit URI Struct M3;
20,991  2015/04/26  2020997  ET CURRENT_EVENTS Fiesta Payload/Exploit URI Struct M2;
20,990  2015/04/26  2020995  ET CURRENT_EVENTS Fiesta Payload/Exploit URI Struct M0;
20,989  2015/04/26  2020996  ET CURRENT_EVENTS Fiesta Payload/Exploit URI Struct M1;
20,988  2015/04/26  2020994  ET CURRENT_EVENTS Possible Sundown EK Flash Exploit Struct T2 Apr 24 2015;
20,987  2015/04/26  2020991  ET CURRENT_EVENTS Possible Sundown EK Payload Struct T2 M1 Apr 24 2015;
20,986  2015/04/26  2020993  ET CURRENT_EVENTS IonCube Encoded Page (no alert);
20,985  2015/04/26  2020992  ET CURRENT_EVENTS Possible Sundown EK Payload Struct T2 M2 Apr 24 2015;
20,984  2015/04/26  2020989  ET CURRENT_EVENTS Possible Sundown EK Payload Struct T1 Apr 24 2015;
20,983  2015/04/26  2020990  ET CURRENT_EVENTS Sundown EK Secondary Landing T1 M2 Apr 24 2015;
20,982  2015/04/26  2020988  ET CURRENT_EVENTS Possible Sundown EK URI Struct T1 Apr 24 2015;
20,981  2015/04/26  2020985  ET CURRENT_EVENTS Sundown EK Secondary Landing Apr 20 2015;
20,980  2015/04/26  2020986  ET CURRENT_EVENTS Possible Dridex Downloader SSL Certificate;
20,979  2015/04/26  2020987  ET CURRENT_EVENTS Download file with Powershell via LNK file (observed in Sundown EK);
20,978  2015/04/25  2020983  ET CURRENT_EVENTS Fiesta EK Java Exploit Apr 23 2015;
20,977  2015/04/25  2020984  ET CURRENT_EVENTS Fiesta EK PDF Exploit Apr 23 2015;
20,976  2015/04/25  2020982  ET CURRENT_EVENTS Fiesta EK SilverLight Exploit Apr 23 2015;
20,975  2015/04/25  2020981  ET CURRENT_EVENTS Fiesta EK Flash Exploit Apr 23 2015;
20,974  2015/04/25  2020979  ET CURRENT_EVENTS Fiesta EK Landing Apr 23 2015;
20,973  2015/04/25  2020980  ET CURRENT_EVENTS Fiesta EK IE Exploit Apr 23 2015;
20,972  2015/04/25  2020977  ET EXPLOIT Possible Redirect to SMB exploit attempt - 303; [1
20,971  2015/04/25  2020978  ET TROJAN DDoS.Win32.Agent.bay Variant Covert Channel (VERSONEX);
20,970  2015/04/25  2020976  ET EXPLOIT Possible Redirect to SMB exploit attempt - 307; [1,2
20,969  2015/04/24  2020969  ET TROJAN CozyDuke APT Possible SSL Cert 4; [1
20,968  2015/04/24  2020973  ET POLICY Petite Packed Binary Download;
20,967  2015/04/24  2020970  ET TROJAN CozyDuke APT Possible SSL Cert 5; [1
20,966  2015/04/24  2020971  ET TROJAN CozyDuke APT Possible SSL Cert 6; [1
20,965  2015/04/24  2020972  ET TROJAN CozyDuke APT Possible SSL Cert 7; [1
20,964  2015/04/24  2020975  ET CURRENT_EVENTS Nuclear EK Landing Apr 22 2015;
20,963  2015/04/24  2020974  ET TROJAN CozyDuke APT Possible SSL Cert 8; [1,2
20,962  2015/04/24  2020965  ET TROJAN CozyDuke APT HTTP CnC Beacon Response; [1
GigaVPN & GigaIPS are based on MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.