Signature List
No.  Date  ID  Signature (Total Ruleset: 27,111)
21,461  2015/07/22  2021449  ET CURRENT_EVENTS Fake AV Phone Scam Landing July 20 2015 M4
21,460  2015/07/22  2021500  ET CURRENT_EVENTS Fake AV Phone Scam Landing July 20 2015 M1
21,459  2015/07/22  2400028  ET DROP Spamhaus DROP Listed Traffic Inbound group 29
21,458  2015/07/22  2021447  ET CURRENT_EVENTS Fake AV Phone Scam Landing July 20 2015 M2
21,457  2015/07/22  2021448  ET CURRENT_EVENTS Fake AV Phone Scam Landing July 20 2015 M3
21,456  2015/07/22  2021444  ET CURRENT_EVENTS Likely Linux/IptabLesX C2 Domain Lookup (GroUndHog.MapSnode.CoM)
21,455  2015/07/22  2021445  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (VMZeuS MITM)
21,454  2015/07/22  2021443  ET CURRENT_EVENTS Likely Linux/Xorddos.F DDoS Attack Participation (v8.f1122.org)
21,453  2015/07/22  2021446  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Ransomware CnC)
21,452  2015/07/22  2021442  ET TROJAN Win32.Rioselx.A Checkin
21,451  2015/07/22  2021437  ET TROJAN Tsyrval Panda CnC Beacon
21,450  2015/07/22  2021438  ET POLICY External IP Lookup sina.com.cn
21,449  2015/07/22  2021440  ET TROJAN KeyBase Keylogger HTTP Pattern
21,448  2015/07/22  2021441  ET TROJAN KeyBase Keylogger Uploading Screenshots
21,447  2015/07/22  2021439  ET TROJAN Win32/Bancos.AMM CnC Beacon
21,446  2015/07/18  2021435  ET CURRENT_EVENTS Evil Redirector Leading to EK Jul 17
21,445  2015/07/18  2021436  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (VMZeuS MITM)
21,444  2015/07/18  2021431  ET TROJAN Possible CVE-2015-2424 RTF Dropping Sofacy
21,443  2015/07/18  2021433  ET CURRENT_EVENTS Possible Dyre SSL Cert M2 (L CN)
21,442  2015/07/18  2021434  ET CURRENT_EVENTS Possible Dyre SSL Cert M3 (O CN)
21,441  2015/07/18  2021432  ET CURRENT_EVENTS Possible Dyre SSL Cert M1 (L O)
21,440  2015/07/17  2021429  ET CURRENT_EVENTS Possible IE MSMXL Detection of Local DLL (Likely Malicious)
21,439  2015/07/17  2021428  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (HTTPBrowser CnC)
21,438  2015/07/17  2021430  ET CURRENT_EVENTS Possible IE MSMXL Detection of Local SYS (Likely Malicious)
21,437  2015/07/17  2021425  ET TROJAN APT CozyCar SSL Cert 8
21,436  2015/07/17  2021426  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dridex CnC)
21,435  2015/07/17  2021422  ET TROJAN APT CozyCar SSL Cert 5
21,434  2015/07/17  2021421  ET TROJAN APT CozyCar SSL Cert 4
21,433  2015/07/17  2021424  ET TROJAN APT CozyCar SSL Cert 7
21,432  2015/07/17  2021417  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Ransomware CnC)
21,431  2015/07/17  2021420  ET TROJAN APT CozyCar SSL Cert 3
21,430  2015/07/17  2021427  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dyre CnC)
21,429  2015/07/17  2021418  ET TROJAN Bedep HTTP POST CnC Beacon
21,428  2015/07/17  2021415  ET CURRENT_EVENTS Likely Malicious Redirect SSL Cert
21,427  2015/07/17  2021416  ET TROJAN BernhardPOS Possible Data Exfiltration via DNS Lookup (29a.de)
21,426  2015/07/17  2021423  ET TROJAN APT CozyCar SSL Cert 6
21,425  2015/07/17  2021419  ET TROJAN APT CozyCar SSL Cert 2
21,424  2015/07/16  2021412  ET MOBILE_MALWARE DNS Android/Spy.Feabme.A Query
21,423  2015/07/16  2021414  ET CURRENT_EVENTS Suspicious SWF filename movie(dot)swf in doc root
21,422  2015/07/16  2021413  ET TROJAN SeaDuke CnC Beacon
21,421  2015/07/15  2021410  ET CURRENT_EVENTS Likely Linux/Xorddos DDoS Attack Participation (xxxatat456.com)
21,420  2015/07/15  2021411  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Spy.Shiz CnC)
21,419  2015/07/15  2021409  ET CURRENT_EVENTS Likely Linux/Xorddos DDoS Attack Participation (gggatat456.com)
21,418  2015/07/15  2021407  ET CURRENT_EVENTS HanJuan EK Current Campaign Landing URI Struct Jul 10 2015
21,417  2015/07/15  2021408  ET EXPLOIT AirLive RCI HTTP Request
21,416  2015/07/15  2021405  ET CURRENT_EVENTS Targeted Attack from APT Actor Delivering HT SWF Exploit RIP
21,415  2015/07/15  2021406  ET POLICY External IP Lookup ip-api.com
21,414  2015/07/11  2021403  ET TROJAN W32/Banload.VZS Banker POST CnC Beacon 1
21,413  2015/07/11  2021404  ET TROJAN W32/Banload.VZS Banker POST CnC Beacon 2
21,412  2015/07/11  2021399  ET TROJAN Matsnu Checkin
GigaVPN & GigaIPS are based on MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.