winnow.compromised.ts.jsexploit.2:3:*:3c736372697074207372633d687474703a2f2f25 winnow.compromised.ts.jsexploit.3:3:*:3c626f6479{-20}3c73637269707420747970653d22746578742f6a617661736372697074223e6576616c28737472696e672e66726f6d63686172636f646528 winnow.compromised.ts.jsexploit.4:3:*:687474703a2f2f??(30|31|32|33|34|34|36|37|38|39)??2e????3a383038302f696e6465782e706870 winnow.compromised.ts.jsexploit.5:3:*:3c2f68746d6c3e{-20}3c696672616d65207372633d22 winnow.compromised.ts.jsexploit.6:3:*:5b27756e272b276573272b276361272b277065275d3b winnow.compromised.ts.jsexploit.7:3:*:5b276672272b276f6d272b276368272b276172272b27636f272b276465275d3b winnow.compromised.ts.jsexploit.7:3:*:5b275c7530303735272b756e657363617065282725366525363525373325363325363125373025363527295d3b winnow.compromised.ts.dnspoison.1:3:*:7461726765742e72756e2022636d64202f4b206563686f20{15-35}3e3e633a5c77696e646f77735c73797374656d33325c647269766572731b74635c686f73747320 winnow.botnets.ko.koobface.1:3:*:687474703a2f2f{-35}2f30783365382f winnow.trojan.GRIZZLY_STEPPE.php.3.1.0:0:*:3c3f706870203d2762617365272e2833322a32292e275f6465272e27636f6465273b3d287374725f7265706c61636528220a222c2027272c2027 winnow.trojan.GRIZZLY_STEPPE.php.4.1.1:0:*:3c3f706870203d2749686c4a6259536a766f6a335a747367736c4d4773647530415a6f67676f4437366138456e593247 winnow.trojan.GRIZZLY_STEPPE.php.3.1.7:0:*:3c3f706870203d2762617365272e283132382f32292e275f6465272e27636f6465273b3d287374725f7265706c61636528220a222c2027272c2027 winnow.trojan.Komplexosx.3.1.7:0:*:2f55736572732f6b617a616b2f4465736b746f702f50726f6a6563742f6b6f6d706c6578 winnow.trojan.Xagent.3.1.7:0:*:2f55736572732f6b617a616b2f4465736b746f702f50726f6a6563742f584167656e744f5358 winnow.trojan.ts.locky.16:3:*:28726e6428422c532c462c482c412c442c432c4e2c4d2c4c29 winnow.scareware.ts.domain.16:3:*:28373136293830352d33323533 winnow.scareware.ts.domain.17:3:*:312d3731362d3938302d39313831 winnow.scareware.ts.domain.18:4:*:312d3731362d3938302d39313831 
winnow.Email.ts.hsbc.1:4:*:5265706c792d546f3a203c4e6f2d7265706c7940687362732e636f6d3e winnow.phish.ts.avousa.27:4:*:61766f7573612e636f6d winnow.phish.ts.WiFSc.28:4:*:57694653632e7275 winnow.phish.ts.scam.28:4:*:5375626a6563743a20796f75277665206265656e207363616d6d6564 winnow.phish.ts.hack-sell.28:4:*:6861636b2d73656c6c2e7375 winnow.phish.ts.cloudflare.28:3:*:636c6f7564666c6172652e636f6d2e6c6f67696e winnow.phish.ts.cloudflare.29:4:*:636c6f7564666c6172652e636f6d2e6c6f67696e winnow.phish.ts.infourl.29:4:*:2f73697465732f64656661756c742f66696c65732f696e666f75726c2e68746d winnow.phish.ts.infourl.29:3:*:2f73697465732f64656661756c742f66696c65732f696e666f75726c2e68746d winnow.trojan.ts.forum_links_column.29:4:*:3a383038302f666f72756d2f6c696e6b732f636f6c756d6e2e706870 winnow.trojan.ts.forum_links_column.29:3:*:3a383038302f666f72756d2f6c696e6b732f636f6c756d6e2e706870 winnow.trojan.ts.macdownloader.1:0:*:436f7079726967687420c2a92032303135204d616d65646f662e20416c6c207269676874732072657365727665642e winnow.phish.ts.pillz.23:3:*:2f68656c702f7469636b65742f737570706f72742f winnow.trojan.ts.download.23:3:*:2f64656661756c742f66696c65732f70616765382e68746d winnow.trojan.ts.java.23:3:*:3c6f626a65637420747970653d226170706c69636174696f6e2f782d6a6176612d6170706c6574222077696474683d22303030303030303030303022206865696768743d2230303030303030303030303030223e winnow.trojan.ts.jpgzip.23:4:*:436f6e74656e742d547970653a206170706c69636174696f6e2f6f637465742d73747265616d3b{-5}6e616d653d22{-25}2d4a50472e7a6970 winnow.spam.ts.badheader.26:4:*:6f31346d72323832303432317765702e36312e31333136343433313837363035 winnow.trojan.ts.forum_links_column.23:7:*:2e72753a383038302f666f72756d2f6c696e6b732f winnow.trojan.ts.shipping.29:3:*:3d3344737330305f333233 winnow.trojan.ts.shipping.28:4:*:3d3344737330305f333233 winnow.trojan.ts.shipping.30:3:*:3d737330305f333233 winnow.trojan.ts.shipping.31:4:*:3d737330305f333233 winnow.trojan.ts.shipping.46:3:*:3d33443838335f winnow.trojan.ts.shipping.47:4:*:3d33443838335f 
winnow.trojan.ts.shipping.48:3:*:5f696e666f3d3838335f winnow.trojan.ts.shipping.49:4:*:5f696e666f3d3838335f winnow.trojan.ts.shipping.50:3:*:3d33443838325f winnow.trojan.ts.shipping.51:4:*:3d33443838325f winnow.trojan.ts.shipping.52:3:*:5f696e666f3d3838325f winnow.trojan.ts.shipping.53:4:*:5f696e666f3d3838325f winnow.trojan.ts.shipping.54:3:*:6e666f3d3839365f33 winnow.trojan.ts.shipping.55:4:*:6e666f3d3839365f33 winnow.trojan.ts.RigAnglerDriveby.44:3:*:3f676f6e6578743d7472756526723d winnow.trojan.ts.RigAnglerDriveby.45:4:*:3f676f6e6578743d7472756526723d winnow.trojan.ts.pillz.44:3:*:2f6b6e6f7774687973656c662e706870 winnow.trojan.ts.pillz.45:4:*:2f6b6e6f7774687973656c662e706870 winnow.phish.ts.bbb.29:3:*:2f626574746572627573696e65737372702e68746d6c winnow.phish.ts.pills.29:3:*:2f6d6e2e696e6465782e706870 winnow.phish.ts.wordpress.29:4:*:2e626c6f672e6361742f7770732e7068703f763230313230323236 winnow.phish.ts.wordpress.30:4:*:2f74656d706c617465732f6265657a2f692e7068703f763230313230323236 winnow.spam.ts.google.1:4:*:20687474703a2f2f676f6f676c652e636f6d2f7472616e736c6174653f753d792e61686f6f2e69742f winnow.spam.ts.google.2:4:*:20687474703a2f2f676f6f676c652e636f6d2f7472616e736c6174653f753d3344792e61686f6f2e69742f winnow.phish.ts.absa.4:3:*:2f656e66612f736169632f63696e7465652f616d65722f726f73622f6974756e2e706870 winnow.phish.ts.china.4:4:*:74756978696e32303133403132362e636f6d winnow.trojan.ts.wait.11:3:*:3c7469746c653e506c6561736520776169742e2e3c2f7469746c653e winnow.malware.ts.scanner.1:3:*:2f2f20??63616e20696e62307820686f746d61696c2076312e30 winnow.malware.ts.scanner.2:3:*:2f2f20696e736964657465616d20696e626f78207363616e6e6572 winnow.malware.ts.scanner.3:3:*:2f2f207363616e20696e62307820686f746d61696c2076332e30 winnow.malware.ts.scanner.4:3:*:2f2f20696e626f782074657374657220312e35 winnow.malware.ts.scanner.5:3:*:2f2f202d2d3d7363616e20696e6230783d2d2d winnow.malware.ts.safemodebypass.1:3:*:4c697a307a694d{-40}627970617373206578706c6f6974 
winnow.malware.ts.defacing.1:3:*:23205b706870{-8}5d20612070617274206f66206465666163696e6720746f6f6c2070726f winnow.malware.ts.defacing.2:3:*:235b706870{-8}5d20612070617274206f66206465666163696e6720746f6f6c2070726f winnow.malware.ts.phpbot.1:3:*:636173652022706870626f74223a20696e636c756465282475726c2e2770626f742e74787427293b winnow.malware.ts.phpbot.1:3:*:3c7469746c653e706870636f6e66696773707920 winnow.malware.ts.artixicqphpbrute.1:3:*:617274697820696371207068706272757465{-300}24737461743d666f70656e2824636f6e6669675b277374617466696c65275d2c27772b27293b206677726974652824737461742c2473293b2066636c6f7365282473746174293b winnow.malware.ts.mailbrute.1:3:*:2473657276657273203d2061727261792820226d61696c22203d3e2022{-20}222c2022696e626f7822203d3e2022{-20}222c2022626b22203d3e2022{-20}222c20226c69737422203d3e2022{-20}222c20293b2024706f7033706f7274203d20313130 winnow.malware.ts.mailbrute.2:3:*:24757365725f6c6f67696e203d2066696c652822{-20}22293b2024{-480}69662824706f70335f636f6e6e656374696f6e2d3e4c6f67696e2824755f6c6f67696e2c2024755f7061737377642c202461706f702929207b winnow.malware.ts.sqlbrute.1:3:*:24706f7274203d20223333303622{-160}2462727574655f73617665203d20666f70656e282262727574655f736176652e747874222c2022612b22293b{-400}666c6f636b282462727574655f736176652c2033293b winnow.malware.ts.ftpbrute.1:3:*:24706f7274203d2032313b{-150}2462727574655f73617665203d20666f70656e282262727574655f736176655f6674702e747874222c22612b22293b winnow.malware.ts.boa.cert.1:3:*:746865206469676974616c20636572746966696361746520666f7220796f75722062616e6b206f6620616d657269636120646972656374206f6e6c696e65206163636f756e742068617320657870697265642e winnow.malware.ts.iwork09trojan.1:1:*:456e676c6973682e6c70726f6a2f69576f726b53657276696365732e696e666f winnow.malware.ts.iwork09trojan.2:1:*:69576f726b53657276696365732e626f6d winnow.malware.ts.MacGuard.1:1:*:4d67696e7374616c6c2e706b67 winnow.malware.ts.MacDefender.2:1:*:4d64696e7374616c6c2e706b67 
winnow.malware.ts.visal.a.1:3:*:2f7064665f646f63756d656e7432312e3032353534323031302e706466 winnow.malware.ts.facebook.1:3:*:2f75736572736469726563746f72792f6c6f67696e66616365626f6f6b2e7068703f7265663d winnow.malware.ts.facebook.2:3:*:2f7573722f4c6f67696e46616365626f6f6b2e7068703f7265663d winnow.malware.ts.bradesco.1:3:*:726563616461737472616d656e746f5f627261646573636f2e657865 winnow.malware.ts.bradesco.2:4:*:526563616461737472616d656e746f5f427261646573636f2e657865 winnow.malware.ts.bradesco.2:4:*:526563616461737472616d656e746f5f427261646573636f2e657865 winnow.malware.ts.capitalone.1:3:*:2f6361706974616c6f6e6569642f75736572736469722f winnow.malware.ts.webmail.1:4:*:596f75206861766520746f206368616e676520746865207365637572697479206d6f6465206f6620796f7572206163636f756e742c2066726f6d207374616e6461727420746f207365637572652e20506c65617365206368616e676520746865207365637572697479206d6f6465206279207573696e6720746865206c696e6b2062656c6f773a winnow.malware.ts.webmail.2:3:*:2f7765626d61696c2f73657474696e67732f6e6f666c6173682e7068703f6d6f64653d7374616e646172742669643d winnow.malware.ts.webmail.3:4:*:2f7765626d61696c2f73657474696e67732f6e6f666c6173682e7068703f6d6f64653d7374616e646172742669643d winnow.malware.ts.injection.1:3:*:696628646f63756d656e742e6c6f636174696f6e2e687265662e696e6465786f662822676f7622293e3d3029{-4}7b7d20656c7365207b646f63756d656e742e777269746528223c646976207374796c653d27646973706c61793a6e6f6e65273e2229{-4}646f63756d656e742e777269746528756e6573636170652827253363696672616d65253230737263253364{-90}646f63756d656e742e777269746528756e65736361706528272533652533632f696672616d65253365{-4}646f63756d656e742e777269746528223c2f6469763e22297d winnow.malware.ts.jsinject.1:3:*:646f63756d656e742e676574456c656d656e744279496428224d61696e496e6a46696c652229 winnow.spam.ts.stock.6:3:*:417070737761726d winnow.spam.ts.spammer.19:4:*:2b39312d38383030333032333131 winnow.spam.ts.domainfraud.1:4:*:312d3231322d3530372d39313631 winnow.spam.ts.domainfraud.2:4:*:312d3731362d3332382d31373232 
winnow.spam.ts.diploma.2:4:*:3230362d3432382d31393832 winnow.spam.ts.diploma.3:4:*:2b312d3230332d3432382d34363136 winnow.spam.ts.diploma.3:3:*:3230362d3432382d31393832 winnow.spam.ts.seo.2:4:*:2b393139323336353436343637 winnow.spam.ts.mailinglist.1:4:*:6d656574736578796d617465737275 winnow.spam.ts.mailinglist.2:4:*:2f323437656d61696c6c697374732f winnow.spam.ts.template.1:4:*:687474703a2f2f257b4155544f56414c53 winnow.spam.ts.joejob.2:3:*:687474703a2f2f257b4155544f56414c53 winnow.spam.ts.affiliate.1:3:*:436f6d6d65726369616c204275696c64696e672034322d3436204d6172626c6520526f616420486f6e67204b6f6e672c20393939303737 winnow.malware.ts.AppLockerBypass.2:0:*:65677376723332202f73202f6e202f75202f693a687474703a2f2f7265672e63782f326b4b3320 winnow.malware.ts.AppLockerBypass.3:0:*:416374697665584f626a6563742822575363726970742e5368656c6c22292e52756e2822636d642e6578652229 GreenNetSigs.JS.obf1602eval:0:2500,2500:0d0a096576616c28{1-25}2822253039{0-120}253542 winnow.spam.ts.ar_spam.12:3:*:726f626572746f2e6a6f7267653734 winnow.spam.ts.ar_spam.13:4:*:726f626572746f2e6a6f7267653734 winnow.spam.ts.fraud.15:3:*:446f6d61696e205365727669636573203c6e6f746963657340646f6d61696e6e6f7469636573383332302e636f6d3e winnow.spam.ts.fraud.16:4:*:446f6d61696e205365727669636573203c6e6f746963657340646f6d61696e6e6f7469636573383332302e636f6d3e winnow.spam.ts.domainnotices.19:3:*:312d3731362d3635302d34373933 winnow.spam.ts.domainnotices.20:4:*:312d3731362d3635302d34373933 winnow.malware.ts.commandfile.1:0:*:5b696e666f5d72756e75726c3a687474703a2f2f{10-40}2e6578657c7461736b69643a winnow.malware.ts.deleter.1:0:*:64656c{1-5}5c22433a5c57494e444f57535c73797374656d33325c22{1-5}2f712f733e6e756c winnow.malware.ts.deleter.2:0:*:64656c{1-5}5c22433a5c57494e444f57535c50726f6772616d2046696c65735c5c22{1-25}2f712f733e6e756c winnow.malware.ts.deleter.3:0:*:64656c{1-5}5c22433a5c57494e444f57535c53797374656d33325c5c22{1-25}2f712f733e6e756c 
winnow.malware.ts.phpexploit.1:3:*:3c7469746c653e2e3a3a20656c656f6e6f726520657870203a3a2e3c2f7469746c653e winnow.malware.ts.phpexploit.2:0:*:2f2f20{-5}7363616e20{-14}696e62307820686f746d61696c2076{1-2}2e30 winnow.malware.ts.jscript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winnow.malware.ts.jscript.2:3:*:253636756e25363374692536466e20 winnow.malware.ts.jscript.3:3:*:3d6e66756221697575712e6672766a773e2373666773667469232164706f75666f753e23313c76736d3e697575713b3030 winnow.malware.ts.jscript.4:3:*:3d7464736a7175217473643e23697575713b3030 winnow.malware.ts.jscript.5:3:*:3d6a6773626e6621786a6575693e2332232169666a winnow.malware.ts.metarefresh.1:3:*:2533436d6574612b687474702d6571756976253344253232726566726573682532322b636f6e74656e742533442532323025334275726c25334468747470253341253246253246 winnow.malware.ts.iframe.1:3:*:253246696672616d6566696c652e6a732532322533452533432532467363726970742533452729 winnow.malware.ts.iframe.2:3:*:2f696672616d6566696c652e6a73223e3c2f7363726970743e winnow.trojan.ts.test:0:*:74657374706f696e7473746172742d3e77696e6e6f772074726f6a616e2075726c207465737420706f696e74207479706520343c2d74657374706f696e74656e64