List of Signatures Used by the Advanced Malware Policy

Version 1

    The signatures used by the Advanced Malware Policy are listed below.

     

    Environment

     

    ·      McAfee Network Security Platform version 8.2

    ·      Signature Set version 8.7.54.3

     

    Note: This list is current as of Signature Set 8.7.54.3.

     

    Signature List

     

    | Sr No | Category | Attack ID | Signature Name |
    |---|---|---|---|
    | 1 | PDF Malware | 0x4840c600 | MALWARE: Malicious PDF file transfer detected |
    | 2 | PDF Malware | 0x48434500 | MALWARE: Malicious PDF file transfer detected ANNOT FUNC VII |
    | 3 | PDF Malware | 0x48433f00 | MALWARE: Malicious PDF file transfer detected ANNOT FUNC VIII |
    | 4 | PDF Malware | 0x48433800 | MALWARE: Malicious PDF file transfer detected I |
    | 5 | PDF Malware | 0x48433900 | MALWARE: Malicious PDF file transfer detected II |
    | 6 | PDF Malware | 0x48433a00 | MALWARE: Malicious PDF file transfer detected III |
    | 7 | PDF Malware | 0x48433b00 | MALWARE: Malicious PDF file transfer detected IV |
    | 8 | PDF Malware | 0x48434000 | MALWARE: Malicious PDF file transfer detected UUID IX |
    | 9 | PDF Malware | 0x48433c00 | MALWARE: Malicious PDF file transfer detected V |
    | 10 | PDF Malware | 0x48433d00 | MALWARE: Malicious PDF file transfer detected VI |
    | 11 | PDF Malware | 0x48420b00 | MALWARE: Malicious PDF file transfer detected VII |
    | 12 | PDF Malware | 0x4841e900 | MALWARE: Malicious PDF file transfer detected VIII |
    | 13 | PDF Malware | 0x48434100 | MALWARE: Malicious PDF file transfer detected hexname X |
    | 14 | PDF Malware | 0x48434200 | MALWARE: Malicious PDF file transfer detected suspicious call XI |
    | 15 | PDF Malware | 0x48434300 | MALWARE: Malicious PDF file transfer detected suspicious call XII |
    | 16 | PDF Malware | 0x48434400 | MALWARE: Malicious PDF file transfer obfuscated call XIII |
    | 17 | Custom Fingerprints | 0x4840c300 | MALWARE: File Transfer of Blacklisted File Detected |
    | 18 | GTI File reputation | 0x4840c900 | MALWARE: Malicious File transfer detected by McAfee Global Threat Intelligence Service |
    | 19 | Threat Intelligence Exchange | 0x48436b00 | MALWARE: Malicious File Detected by TIE Engine |
    | 20 | Flash Engine | 0x48436600 | MALWARE: Vector Object Manipulation Detected by Flash Analysis Engine |
    | 21 | Gateway-AntiMalware Engine | 0x4840c100 | MALWARE: Malicious File Detected by GAM Engine |
    | 22 | Advanced Threat Defense | 0x48434700 | MALWARE: Unknown File Download Detected and Submitted to ATD for Analysis |
    | 23 | Advanced Threat Defense | 0x48434600 | MALWARE: Malicious File detected by ATD |