시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
23,0612016/06/10 2022885  ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 106; [1,2
23,0602016/06/10 2022883  ET TROJAN Qarallax RAT Keepalive C2; [1
23,0592016/06/10 2022881  ET TROJAN Qarallax RAT Downloading Modules; [1
23,0582016/06/10 2022882  ET TROJAN Qarallax RAT Keepalive C2 (set); [1
23,0572016/06/10 2022880  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gootkit CnC); [1
23,0562016/06/10 2022879  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gootkit CnC); [1
23,0552016/06/10 2022877  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM); [1
23,0542016/06/10 2022878  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Shifu CnC); [1
23,0532016/06/10 2022876  ET INFO DYNAMIC_DNS Query to a Suspicious dynapoint.pw Domain;  
23,0522016/06/10 2022874  ET INFO Windows Executable Sent When Remote Host Claims to Send a RAR Archive;  
23,0512016/06/10 2022875  ET TROJAN BandarChor/CryptON Ransomware Checkin;  
23,0502016/06/08 2403398  ET CINS Active Threat Intelligence Poor Reputation IP group 99; [1,2
23,0492016/06/08 2022873  ET TROJAN Win32/DMA Locker CnC Checkin;  
23,0482016/06/08 2403399  ET CINS Active Threat Intelligence Poor Reputation IP group 100; [1,2
23,0472016/06/08 2022872  ET TROJAN FastPOS RAM Scraper Sending Details; [1
23,0462016/06/08 2022871  ET TROJAN FastPOS Sending Keystrokes; [1
23,0452016/06/07 2403397  ET CINS Active Threat Intelligence Poor Reputation IP group 98; [1,2
23,0442016/06/07 2403394  ET CINS Active Threat Intelligence Poor Reputation IP group 95; [1,2
23,0432016/06/07 2403395  ET CINS Active Threat Intelligence Poor Reputation IP group 96; [1,2
23,0422016/06/07 2403396  ET CINS Active Threat Intelligence Poor Reputation IP group 97; [1,2
23,0412016/06/07 2022869  ET CURRENT_EVENTS Evil Redirector Leading to EK Jun 06 2016;  
23,0402016/06/07 2403393  ET CINS Active Threat Intelligence Poor Reputation IP group 94; [1,2
23,0392016/06/07 2403392  ET CINS Active Threat Intelligence Poor Reputation IP group 93; [1,2
23,0382016/06/07 2022870  ET TROJAN ABUSE.CH Ransomware Domain Detected (Locky C2); [1
23,0372016/06/07 2022866  ET TROJAN FastPOS Reporting Error Code; [1
23,0362016/06/07 2022862  ET TROJAN FastPOS Initial Checkin; [1
23,0352016/06/07 2022868  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Quakbot CnC); [1
23,0342016/06/07 2022865  ET TROJAN FastPOS Software Update Request; [1
23,0332016/06/07 2022863  ET TROJAN FastPOS Version Checkin; [1
23,0322016/06/07 2022864  ET TROJAN FastPOS Sending Status Logs; [1
23,0312016/06/07 2022861  ET TROJAN Win32.Kovter Client CnC Traffic; [1
23,0302016/06/07 2022867  ET TROJAN FastPOS Successful Software Update Request; [1
23,0292016/06/05 2022860  ET WEB_SERVER Aribitrary File Upload Vulnerability in WP Mobile Detector; [1
23,0282016/06/05 2022859  ET CURRENT_EVENTS Evil Redirector Leading to EK Jun 03, 2016;  
23,0272016/06/05 2022856  ET CURRENT_EVENTS Tech Support Phone Scam Landing M1 Jun 3;  
23,0262016/06/05 2022858  ET CURRENT_EVENTS Suspicious BITS EXE DL Dotted Quad as Observed in Recent Cerber Campaign;  
23,0252016/06/05 2022854  ET CURRENT_EVENTS Tech Support Phone Scam Landing M5 Jun 3;  
23,0242016/06/05 2022853  ET CURRENT_EVENTS Tech Support Phone Scam Landing M4 Jun 3;  
23,0232016/06/05 2022857  ET CURRENT_EVENTS Tech Support Phone Scam Landing M2 Jun 3;  
23,0222016/06/05 2022855  ET CURRENT_EVENTS Tech Support Phone Scam Landing M3 Jun 3;  
23,0212016/06/04 2022852  ET TROJAN Luminosity RAT Possible Module Download M2;  
23,0202016/06/04 2022851  ET TROJAN Luminosity RAT Possible Module Download M1;  
23,0192016/06/04 2022850  ET MALWARE Win32/Hadsruda!bit Adware/PUA Installation Activity;  
23,0182016/06/03 2022847  ET WEB_SERVER Possible CVE-2016-5118 Exploit SVG attempt M2; [1
23,0172016/06/03 2022849  ET WEB_SERVER Possible CVE-2016-5118 Exploit MVG attempt M2; [1
23,0162016/06/03 2022846  ET WEB_SERVER Possible CVE-2016-5118 Exploit SVG attempt M1; [1
23,0152016/06/03 2022848  ET WEB_SERVER Possible CVE-2016-5118 Exploit MVG attempt M1; [1
23,0142016/06/01 2022842  ET TROJAN HTTPBrowser/Pisloader Covert DNS CnC Channel TXT Lookup; [1
23,0132016/06/01 2022845  ET TROJAN Criptobit/Mobef Ransomware Checkin;  
23,0122016/06/01 2022843  ET TROJAN ABUSE.CH Ransomware Domain Detected (Locky C2); [1
< 81  82  83  84  85  86  87  88  89  90 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.