시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
21,1612015/05/30 2021167  ET TROJAN PunkeyPOS HTTP CnC Beacon 8; [1
21,1602015/05/30 2021171  ET DOS Possible Sentinal LM Amplification attack (Response) Inbound;  
21,1592015/05/30 2021162  ET POLICY External IP Lookup - ip2location.com;  
21,1582015/05/30 2021166  ET TROJAN PunkeyPOS HTTP CnC Beacon 7; [1
21,1572015/05/30 2021164  ET TROJAN DNS Query to TOX Ransomware onion (xwxwninkssujglja); [1
21,1562015/05/30 2021157  ET CURRENT_EVENTS Angler EK Exploit URI Struct May 28 2015 M1;  
21,1552015/05/30 2021154  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dyre CnC); [1
21,1542015/05/30 2021156  ET CURRENT_EVENTS Evil JS iframe Embedded In GIF;  
21,1532015/05/30 2021158  ET CURRENT_EVENTS Angler EK Payload URI Struct May 28 2015 M1;  
21,1522015/05/30 2021160  ET TROJAN Win32/Gatak.DR Payload Instructions; [1
21,1512015/05/30 2021155  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Yakes CnC); [1
21,1502015/05/28 2500160  ET COMPROMISED Known Compromised or Hostile Host Traffic group 81; [1
21,1492015/05/28 2021151  ET TROJAN Linux/Moose NAT Traversal CnC Beacon - Sleep; [1
21,1482015/05/28 2021152  ET TROJAN Linux/Moose NAT Traversal CnC Beacon - Multiple Tunnel; [1
21,1472015/05/28 2021153  ET TROJAN Wordpress Errorcontent CnC Beacon; [1
21,1462015/05/28 2021146  ET CURRENT_EVENTS Likely Malicious Redirect SSL Cert;  
21,1452015/05/28 2021148  ET TROJAN Linux/Moose HTTP CnC Beacon Response; [1
21,1442015/05/28 2021149  ET TROJAN Possible Linux/Moose Telnet CnC Beacon; [1
21,1432015/05/28 2021150  ET TROJAN Linux/Moose NAT Traversal CnC Beacon set; [1
21,1422015/05/28 2021147  ET TROJAN Linux/Moose HTTP CnC Beacon; [1
21,1412015/05/28 2021144  ET TROJAN Nitlove POS CnC; [1
21,1402015/05/28 2021145  ET TROJAN Likely Dridex SSL Cert;  
21,1392015/05/23 2500164  ET COMPROMISED Known Compromised or Hostile Host Traffic group 83; [1
21,1382015/05/23 2500162  ET COMPROMISED Known Compromised or Hostile Host Traffic group 82; [1
21,1372015/05/23 2021143  ET TROJAN MSIL/Autorun.AD Checkin; [1
21,1362015/05/23 2021140  ET TROJAN H1N1 Loader CnC Beacon M2; [1
21,1352015/05/23 2021141  ET CURRENT_EVENTS DNSChanger EK Landing URI Struct May 22 2015;  
21,1342015/05/23 2021142  ET TROJAN Win32/Bancos URL Structure; [1
21,1332015/05/23 2021139  ET TROJAN H1N1 Loader CnC Beacon M1; [1
21,1322015/05/23 2021138  ET WEB_SERVER ElasticSearch Directory Traversal Attempt (CVE-2015-3337);  
21,1312015/05/22 2021137  ET CURRENT_EVENTS Sundown EK Landing May 21 2015 M2;  
21,1302015/05/22 2021135  ET TROJAN Suspicious X-mailer Synapse Inbound to SMTP Server; [1
21,1292015/05/22 2021134  ET TROJAN JavaScriptBackdoor SSL Cert;  
21,1282015/05/22 2021136  ET CURRENT_EVENTS Sundown EK Landing May 21 2015 M1;  
21,1272015/05/22 2021133  ET TROJAN JavaScriptBackdoor HTTP POST CnC Beacon;  
21,1262015/05/22 2021130  ET TROJAN Blue Bot DDoS Target Request; [1
21,1252015/05/22 2021131  ET TROJAN Blue Bot DDoS Logger Request; [1
21,1242015/05/22 2021126  ET CURRENT_EVENTS Angler EK XTEA encrypted binary (24);  
21,1232015/05/22 2021132  ET TROJAN JavaScriptBackdoor HTTP GET CnC Beacon;  
21,1222015/05/22 2021128  ET TROJAN Blue Bot DDoS Proxy Request; [1
21,1212015/05/22 2021129  ET TROJAN Blue Bot DDoS Blog Request; [1
21,1202015/05/22 2021125  ET EXPLOIT Logjam Weak DH/DHE Export Suite From Server; [1
21,1192015/05/22 2021127  ET CURRENT_EVENTS Angler EK XTEA encrypted binary (25);  
21,1182015/05/22 2021124  ET EXPLOIT Logjam Weak DH/DHE Export Suite From Server; [1
21,1172015/05/22 2021120  ET POLICY External Timezone Check (earthtools.org);  
21,1162015/05/22 2021121  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS CnC); [1
21,1152015/05/22 2021122  ET TROJAN Worm.VBS.Jenxcus.H URL Structure; [1
21,1142015/05/22 2021123  ET TROJAN Worm.VBS.Jenxcus.H User Agent; [1
21,1132015/05/22 2021119  ET TROJAN SPEAR CnC Beacon 2; [1
21,1122015/05/22 2021118  ET TROJAN SPEAR CnC Beacon; [1
< 111  112  113  114  115  116  117  118  119  120 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.