시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
22,0612015/11/11 2022050  ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M1;  
22,0602015/11/11 2022051  ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M2;  
22,0592015/11/11 2022049  ET INFO Possible MSXMLHTTP Request (no .exe);  
22,0582015/11/11 2022048  ET TROJAN Cryptowall .onion Proxy Domain; [1
22,0572015/11/08 2022044  ET POLICY DNS Query to .onion proxy Domain (partnersinvestpayto.com);  
22,0562015/11/08 2022043  ET POLICY DNS Query to .onion proxy Domain (marketcryptopartners.com);  
22,0552015/11/08 2022046  ET POLICY DNS Query to .onion proxy Domain (effectwaytopay.com);  
22,0542015/11/08 2022041  ET POLICY DNS Query to .onion proxy Domain (paypartnerstodo.com);  
22,0532015/11/08 2022045  ET POLICY DNS Query to .onion proxy Domain (forkinvestpay.com);  
22,0522015/11/08 2022042  ET POLICY DNS Query to .onion proxy Domain (allepohelpto.com);  
22,0512015/11/06 2022036  ET CURRENT_EVENTS Successful Google Drive (Remax) Phish Nov 4;  
22,0502015/11/06 2022039  ET CURRENT_EVENTS Possible vBulletin object injection vulnerability Attempt; [1
22,0492015/11/06 2022040  ET CURRENT_EVENTS Evil Redirector Leadking to EK Nov 2015;  
22,0482015/11/06 2022032  ET CURRENT_EVENTS Fake Virus Phone Scam GET Nov 4;  
22,0472015/11/06 2022034  ET TROJAN Silent Miner Changelog Checkin;  
22,0462015/11/06 2022038  ET TROJAN JS/Nemucod.M.gen requesting PDF payload 2015-11-02; [1
22,0452015/11/06 2022035  ET CURRENT_EVENTS Google Drive (Remax) Phish Landing Nov 4;  
22,0442015/11/06 2022033  ET CURRENT_EVENTS Fake Virus Phone Scam Landing Nov 4 M1;  
22,0432015/11/06 2022037  ET TROJAN JS/Nemucod.M.gen requesting EXE payload 2015-11-02; [1
22,0422015/11/06 2022030  ET CURRENT_EVENTS Fake Virus Phone Scam Landing Nov 4 M2;  
22,0412015/11/06 2022029  ET CURRENT_EVENTS Jimdo.com Phishing PDF via HTTP;  
22,0402015/11/06 2022031  ET CURRENT_EVENTS Fake Virus Phone Scam JS Landing Nov 4;  
22,0392015/11/05 2022028  ET WEB_SERVER Possible CVE-2014-6271 Attempt; [1
22,0382015/11/05 2022026  ET TROJAN Win32.Sharik Java Connectivity Check;  
22,0372015/11/05 2022027  ET TROJAN Win32.Sharik Adobe Connectivity Check 3;  
22,0362015/11/05 2022025  ET TROJAN Win32.Sharik Adobe Connectivity Check 2;  
22,0352015/11/04 2022024  ET VOIP H.323 in Q.931 Call Setup - Inbound;  
22,0342015/11/04 2022017  ET CURRENT_EVENTS Successful Paypal Account Phish Oct 30;  
22,0332015/11/04 2022018  ET CURRENT_EVENTS Successful Paypal Account Phish Oct 30 2;  
22,0322015/11/04 2022019  ET CURRENT_EVENTS Successful Paypal Account Phish Oct 30 3;  
22,0312015/11/04 2022020  ET TROJAN Likely Malvertising Malicious PE Download; [1
22,0302015/11/04 2022022  ET VOIP Possible Misuse Call from MERA RTU;  
22,0292015/11/04 2022023  ET VOIP Q.931 Call Setup - Inbound;  
22,0282015/11/04 2022016  ET TROJAN Vawtrak/NeverQuest Posting Data 2;  
22,0272015/11/04 2022021  ET TROJAN Malicious SSL certificate detected (Spy.Shiz CnC);  
22,0262015/11/04 2022014  ET WEB_SPECIFIC_APPS Reversed Pastebin Injection in Magento DB; [1
22,0252015/11/04 2022015  ET WEB_SPECIFIC_APPS Reversed Pastebin Injection in Magento DB 2; [1
22,0242015/11/03 2021873  ET TROJAN Linux/dtool IRC Command (TCPFLOOD); [1
22,0232015/11/03 2021886  ET POLICY Hola VPN Activity - X-Hola-* Headers;  
22,0222015/11/03 2021892  ET CURRENT_EVENTS Successful Phish Yahoo Credentials Oct 1;  
22,0212015/11/03 2021875  ET TROJAN Linux/dtool IRC Command (AUTH); [1
22,0202015/11/03 2021887  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (TorrentLocker CnC); [1
22,0192015/11/03 2021881  ET TROJAN Linux/dtool IRC Command Complete 1; [1
22,0182015/11/03 2021883  ET TROJAN Linux/dtool IRC Command Complete 3; [1
22,0172015/11/03 2021890  ET CURRENT_EVENTS Successful Phish Outlook Credentials Oct 1;  
22,0162015/11/03 2021884  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM); [1
22,0152015/11/03 2021885  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM); [1
22,0142015/11/03 2021889  ET TROJAN Java/QRat Retrieving PE;  
22,0132015/11/03 2021876  ET TROJAN Linux/dtool IRC Command (RAW); [1
22,0122015/11/03 2021888  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (TorrentLocker CnC); [1
< 101  102  103  104  105  106  107  108  109  110 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.