Keyword: pecih1003
1037 Total Search   |   Showing Results : 1021 - 1037
  Previous   Next  
BKDR_DRIDEX.SYP
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details
BKDR_DRIDEX.D
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details
BKDR_DRIDEX.CB
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details
BKDR_DRIDEX.CC
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details
BKDR_DRIDEX.SYL
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details
TROJ_INJECTR.YHF
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
Trojan.Win32.SIGGEN.AA
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
18-021 (April 10, 2018)
* indicates a new version of an existing rule Deep Packet Inspection Rules: DNS Client 1008666 - Microsoft Windows DNSAPI Remote Code Execution Vulnerability (CVE-2017-11779) EMC Data Protector
19-032 (June 11, 2019)
* indicates a new version of an existing rule Deep Packet Inspection Rules: DHCP Client 1009116* - DHCP Client Script Code Execution Vulnerability (CVE-2018-1111) - 1 DHCP Client - Incoming 1009114
18-027 (May 15, 2018)
* indicates a new version of an existing rule Deep Packet Inspection Rules: DNS Client 1009059 - ISC BIND DNS Denial Of Service Vulnerability (CVE-2017-3145) 1008447 - Identified Suspicious Order Of
19-054 (October 29, 2019)
* indicates a new version of an existing rule Deep Packet Inspection Rules: DCERPC Services 1009703 - Identified Domain-Level Groups/Accounts Enumeration Over SMB (ATT&CK T1069, T1087, T1018)
23-002 (January 10, 2023)
* indicates a new version of an existing rule Deep Packet Inspection Rules: SolarWinds Information Service 1011642* - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerability
23-004 (January 24, 2023)
* indicates a new version of an existing rule Deep Packet Inspection Rules: Atlassian Bitbucket 1011658 - Atlassian Bitbucket Server and Data Center Command Injection Vulnerability (CVE-2022-43781)
Ransom.BAT.KEKPOP.THEAABB
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It adds certain registry entries to disable the Task
22-050 (October 11, 2022)
* indicates a new version of an existing rule Deep Packet Inspection Rules: SolarWinds Information Service 1011552 - SolarWinds Network Performance Monitor 'UpdateActionsDescriptions' SQL Injection
22-051 (October 18, 2022)
* indicates a new version of an existing rule Deep Packet Inspection Rules: Directory Server LDAP 1011039 - Identified Domain Trust Discovery Request Over LDAP (ATT&CK T1482) Redis Server 1011555 -
Trojan.Win32.TURTLELOADER.C
Access Engine on port 1004 Attempting to connect to the command engine on port 1018 Attempting to connect to the Software Repository on port 1003 It requires being executed with a specific