Search
Keyword: bec_suspicious.ers
Description Name: Suspicious network activity matching object in Suspicious Objects list - Variant 4 . This is Trend Micro detection for packets passing through any network protocols that manifests unusual behavior which can be a potential intrusion....
Description Name: Suspicious Access to a bit Domain - DNS (Response) .
Description Name: Possible SoftEther VPN Client - HTTPS (REQUEST) .
Description Name: Suspicious CWS Flash - HTTP (Response) .
Description Name: NULL BYTES - HTTP (Request) .
Description Name: Suspicious User-Agent string in header - HTTP (Request) . This is Trend Micro detection for packets passing through HTTP network protocols that manifests Callback activities which can be a potential intrusion. Below are some indicat...
Description Name: PsExec - SMB . This is Trend Micro detection for packets passing through SMB2 and SMB network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavior:Suspicious act...
Description Name: Possible Gpass tunnel . This is Trend Micro detection for packets passing through GPass network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavior:Suspicious a...
Description Name: CobaltStrike - HTTPS (Request) .
Description Name: Suspicious file rename - SMB (Request) .
Description Name: Unregistered sender and recipient domains - Email . This is Trend Micro detection for packets passing through SMTP network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of un...
Description Name: Executable file download - HTTP (Response) .
Description Name: Suspicious file in E-mail identified by file reputation database . This is Trend Micro detection for packets passing through SMTP, POP3 and IMAP4 network protocols that manifests unusual behavior which can be a potential intrusion. ...
Description Name: Possible PsExec Tool Detected . This is Trend Micro detection for packets passing through SMB network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavior:Suspic...
Description Name: Debugging Symbol Download - LSASS . This is Trend Micro detection for packets passing through HTTP network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavior:S...
Description Name: REGEORG - HTTP (Request) .
Description Name: Data Exfiltration - DNS (Response) - Variant 2 .
Description Name: Possible Pseudorandom Subdomain Attack - DNS (Response) .
Description Name: Suspicious network activity matching object in Suspicious Objects list - Variant 2 . This is Trend Micro detection for packets passing through any network protocols that manifests unusual behavior which can be a potential intrusion....
Description Name: Suspicious network activity matching object in Suspicious Objects list - Variant 5 . This is Trend Micro detection for packets passing through any network protocols that manifests unusual behavior which can be a potential intrusion....