Search
Keyword: coinmine behavior
Description Name: Possible KAVO - HTTP (Request). This is the Trend Micro detection for malicious N/A network packets that manifest any of the following actions: Callback. This attack is used for Command and Control Communication.
Description Name: POSSIBLE WEBSHELL - HTTP (REQUEST).
Description Name: GZ Inflate in PHP File - HTTP (Response).
Description Name: NULL BYTES - HTTP (Request).
Description Name: Powershell - SMB.
Description Name: Possible Pseudorandom Subdomain Attack - DNS (Response).
Description Name: Possible SoftEther VPN Client - HTTPS (REQUEST).
Description Name: Possible DOWNAD - Encrypted connection - TCP. This is the Trend Micro detection for malicious N/A network packets that manifest any of the following actions: Callback. This attack is used for Command and Control Communication.
Description Name: Powershell Remote Command Execution Via WinRM - HTTP (Request).
Description Name: ATERA - HTTP(REQUEST).
Description Name: ANYDESK - HTTPS(REQUEST).
Description Name: COBALTSTRIKE - HTTP (Request).
Description Name: PROXY TCP Request. This is the Trend Micro detection for malicious TCP network packets that manifest any of the following actions: Callback. This attack is used for Command and Control Communication.
Description Name: Suspicious file rename - SMB (Request).
Description Name: HTA Download - HTTP (Request).
Description Name: Data Exfiltration - DNS (Response) - Variant 2.
Description Name: Possible data-stealing malware - HTTP (Request). This is the Trend Micro detection for malicious N/A network packets that manifest any of the following actions: Callback. This attack is used for Command and Control Communication.
Description Name: Covert Iodine tunnel - DNS (Request).
Description Name: SAGECRYPT - HTTP (Request). Related Malware: Mal_SageCrypt
Description Name: Possible RIG Exploit Kit - HTTP (Request).