Search

Description Name: DLINK Command Injection Exploit - HTTP (Request) . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Point of Entry or Lateral Movement. This also indicates a malware infection. Bel...

This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Backdoor arrives on a system as a

This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Backdoor arrives on a system as a

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a

This Trojan may be downloaded by other malware/grayware from remote sites. Arrival Details This Trojan may be downloaded by the following malware/grayware from remote sites: ELF_VPNFILT.A Other

This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a

This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a

This malware is part of an attack chain that involves searching for exposed or publicly accessible Elasticsearch databases/servers. The malware would invoke a shell with an attacker-crafted search

This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a

Description Name: CVE-2014-6271 - SHELLSHOCK DNS Exploit . This is Trend Micro detection for DNS network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting this type of network behavi...

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a

This Linux backdoor has increased potential for damage, propagation, or both, that it possesses. Specifically, it is capable of carrying brute force attacks or exploit on the D-Link Internet router.

This backdoor executes commands from a remote malicious user, effectively compromising the affected system. Arrival Details This malware arrives via the following means: CVE-2014-6271 Backdoor

This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a

This malware targets systems running on Linux. It allows remote access of affected systems through the use of SSH (Secure Shell Protocol) and steals system login credentials. Users with affected

This Coinminer arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It requires being executed with a specific

networks the systems are attached to: Scans IP format {random ip}.{random ip}.{1 to 256}.{1 to 256} via port 22 Backdoor Routine This Backdoor opens the following ports: 9000 Other Details This Backdoor

This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any propagation routine. It executes

22 23 Download Routine This backdoor connects to the following URL(s) to download its component file(s): http://l.{BLOCKED}ost.host/{digit} Other Details This backdoor does the following: Uses common

This hacking tool may be manually installed by a user. Arrival Details This hacking tool may be manually installed by a user. NOTES: It can be launched manually or by another application. After