Search
Keyword: coinmine behavior
Description Name: ACCOUNT DISCOVERY - LDAP(REQUEST) . This is Trend Micro detection for packets passing through LDAP network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavior:S...
Description Name: SYSTEM OWNER DISCOVERY - LDAP(REQUEST) . This is Trend Micro detection for packets passing through LDAP network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusual behav...
Description Name: BRUTEFORCE - SMB(RESPONSE) . This is Trend Micro detection for packets passing through SMB network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavior:Suspiciou...
Description Name: NDMP EXECUTE COMMAND - TCP(REQUEST) . This is Trend Micro detection for packets passing through TCP network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavior:...
Description Name: CVE-2024-4577 - PHP CGI Argument Injection Remote Code Execution - HTTP (Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The...
This malware is a malicious plugin for Chrome browsers. It runs a code when users browse Facebook, enabling the plugin to control navigation. To get a one-glance comprehensive view of the behavior of
Description Name: HUPIGON - HTTP (Request) - Variant 2 . The HUPIGON malware family consists of backdoors. These are usually dropped by other malware onto a system or are downloaded unknowingly by users when visiting malicious sites. HUPIGON variants...
Description Name: vCalendar exploit . This is Trend Micro detection for packets passing through SMTP and POP3 network protocols that can be used as Point of Entry. This also indicates a malware infection. Below are some indicators of an infected host...
Description Name: Bitcoin Mining TCP Request . This is Trend Micro detection for packets passing through TCP network protocols that can be used as N/A. This also indicates a malware infection. Below are some indicators of an infected host:Excessive s...
Description Name: Unauthorized Write MODBUS Request . This is Trend Micro detection for packets passing through MODBUS-TCP and PROTOCOL_42 network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators...
Description Name: Debugging Symbol Download - WDIGEST . This is Trend Micro detection for packets passing through HTTP network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavior...
Description Name: A privileged user account attempted to log on to the Remote Desktop server during non-working hours . This is Trend Micro detection for packets passing through RDP network protocols that manifests Login Attempt activities which can ...
Description Name: TCP Backdoor Agent Request . This is Trend Micro detection for packets passing through TCP network protocols that manifests Callback activities which can be a potential intrusion. Below are some indicators of unusual behavior:Suspic...
Description Name: CVE-2018-8007 Apache CouchDB Remote Code Execution Exploit - HTTP (Request) - Variant 2 . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Moveme...
Description Name: WARZONE - DNS (Response) . This is Trend Micro detection for packets passing through DNS network protocols that can be used as N/A. This also indicates a malware infection. Below are some indicators of an infected host:Excessive spa...
Description Name: Malformed DNS response . This is Trend Micro detection for packets passing through UDP network protocols that manifests Callback activities which can be a potential intrusion. Below are some indicators of unusual behavior:Suspicious...
Description Name: Unsuccessful log on to MySQL service . This is Trend Micro detection for packets passing through MYSQL network protocols that manifests Database Access activities which can be a potential intrusion. Below are some indicators of unus...
Description Name: Trojan FTP request - Type 1 . This is Trend Micro detection for packets passing through FTP network protocols that manifests Callback activities which can be a potential intrusion. Below are some indicators of unusual behavior:Suspi...
Description Name: File name with multiple consecutive spaces and executable extension . This is Trend Micro detection for packets passing through various network protocols that manifests unusual behavior which can be a potential intrusion. Below are ...
Description Name: SMB or SMB2 PE file Upload to non-administrative share folder detected . This is Trend Micro detection for packets passing through SMB2 and SMB network protocols that manifests unusual behavior which can be a potential intrusion. Be...