시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
23,1612016/07/07 2403430  ET CINS Active Threat Intelligence Poor Reputation IP group 131; [1,2
23,1602016/07/07 2403435  ET CINS Active Threat Intelligence Poor Reputation IP group 136; [1,2
23,1592016/07/07 2022951  ET TROJAN OSX/Keydnap DNS Query to CnC; [1
23,1582016/07/07 2022949  ET CURRENT_EVENTS RIG EK Payload Jul 05 2016;  
23,1572016/07/07 2022952  ET TROJAN Ransomware Locky CnC Beacon 21 May;  
23,1562016/07/07 2403429  ET CINS Active Threat Intelligence Poor Reputation IP group 130; [1,2
23,1552016/07/07 2022950  ET TROJAN OSX/Keydnap DNS Query to CnC; [1
23,1542016/07/07 2022948  ET TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Malware C2); [1
23,1532016/07/07 2022945  ET TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Rockloader); [1
23,1522016/07/07 2022947  ET TROJAN BartCrypt Payment DNS Query to .onion proxy Domain (khh5cmzh5q7yp7th);  
23,1512016/07/07 2022946  ET TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Zeus C2); [1
23,1502016/07/07 2022943  ET TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Gootkit C2); [1
23,1492016/07/07 2022944  ET TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Malware C2); [1
23,1482016/07/03 2022942  ET CURRENT_EVENTS Possible Malicous Macro DL EXE Jul 01 2016 (exe generic custom headers);  
23,1472016/07/03 2022941  ET CURRENT_EVENTS Possible Malicous Macro DL EXE Jul 01 2016 (dll generic custom headers);  
23,1462016/07/03 2022940  ET CURRENT_EVENTS Possible Malicous Macro DL EXE Jul 01 2016 (userdir dotted quad);  
23,1452016/07/03 2022939  ET CURRENT_EVENTS Possible Malicous Macro DL EXE Jul 01 2016 (pm);  
23,1442016/07/03 2020577  ET POLICY DNS Query to .onion proxy Domain (onion.direct); [1
23,1432016/07/03 2020574  ET POLICY DNS Query to .onion proxy Domain (onion.glass); [1
23,1422016/07/03 2020211  ET POLICY DNS Query to .onion proxy Domain (onion.gq); [1
23,1412016/07/02 2022936  ET EXPLOIT Possible Symantec Malicious MIME Doc Name Overflow (EICAR) toclient M4; [1
23,1402016/07/02 2022937  ET EXPLOIT Possible Symantec Malicious MIME Doc Name Overflow (EICAR) toclient M3; [1
23,1392016/07/02 2022938  ET EXPLOIT Possible Symantec Malicious MIME Doc Name Overflow (EICAR) toserver M4; [1
23,1382016/07/02 2022935  ET EXPLOIT Possible Symantec Malicious MIME Doc Name Overflow (EICAR) toserver M3; [1
23,1372016/07/02 2022932  ET EXPLOIT Possible Symantec Malicious MIME Doc Name Overflow (EICAR) toclient M2; [1
23,1362016/07/02 2022933  ET EXPLOIT Possible Symantec Malicious MIME Doc Name Overflow (EICAR) toclient M1; [1
23,1352016/07/02 2022930  ET EXPLOIT Possible CVE-2016-2211 Symantec Cab Parsing Buffer Overflow; [1
23,1342016/07/02 2022929  ET TROJAN Win32/Satana Ransomware Checkin; [1
23,1332016/07/01 2022928  ET CURRENT_EVENTS Tech Support Phone Scam Landing Jun 29 M4;  
23,1322016/07/01 2022927  ET CURRENT_EVENTS Tech Support Phone Scam Landing Jun 29 M3;  
23,1312016/07/01 2022926  ET CURRENT_EVENTS Tech Support Phone Scam Landing Jun 29 M2;  
23,1302016/07/01 2022925  ET CURRENT_EVENTS Tech Support Phone Scam Landing Jun 29 M1;  
23,1292016/07/01 2022923  ET EXPLOIT Possible CVE-2016-2209 Symantec PowerPoint Parsing Buffer Overflow M1; [1
23,1282016/07/01 2022924  ET EXPLOIT Possible CVE-2016-2209 Symantec PowerPoint Parsing Buffer Overflow M2; [1
23,1272016/06/28 2403425  ET CINS Active Threat Intelligence Poor Reputation IP group 126; [1,2
23,1262016/06/28 2403427  ET CINS Active Threat Intelligence Poor Reputation IP group 128; [1,2
23,1252016/06/28 2403428  ET CINS Active Threat Intelligence Poor Reputation IP group 129; [1,2
23,1242016/06/28 2403426  ET CINS Active Threat Intelligence Poor Reputation IP group 127; [1,2
23,1232016/06/28 2022921  ET TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Malware C2); [1
23,1222016/06/28 2022922  ET TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (H1N1 C2); [1
23,1212016/06/28 2022919  ET TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Malware C2); [1
23,1202016/06/28 2022920  ET TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Gootkit C2); [1
23,1192016/06/28 2022917  ET TROJAN Ransomware Locky .onion Payment Domain (mphtadhci5mrdlju);  
23,1182016/06/28 2022918  ET INFO DYNAMIC_DNS Query to *.duckdns. Domain;  
23,1172016/06/27 2403421  ET CINS Active Threat Intelligence Poor Reputation IP group 122; [1,2
23,1162016/06/27 2403422  ET CINS Active Threat Intelligence Poor Reputation IP group 123; [1,2
23,1152016/06/27 2403423  ET CINS Active Threat Intelligence Poor Reputation IP group 124; [1,2
23,1142016/06/27 2403424  ET CINS Active Threat Intelligence Poor Reputation IP group 125; [1,2
23,1132016/06/27 2022916  ET CURRENT_EVENTS RIG EK Payload Jun 26 2016;  
23,1122016/06/25 2403420  ET CINS Active Threat Intelligence Poor Reputation IP group 121; [1,2
< 71  72  73  74  75  76  77  78  79  80 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.