Keyword: coinmine behavior
Description Name: MIMIKATZ SHELL - HTTP(RESPONSE). This is Trend Micro detection for packets passing through HTTP network protocols that manifest unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavior: Sus...
Description Name: CVE-2023-22515 - Atlassian Confluence Data Center Broken Access Control Exploit - HTTP (Request). This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Later...
Description Name: CVE-2023-32252 - Linux Kernel ksmbd NULL Pointer Exploit - SMB2 (Request). This is Trend Micro detection for SMB2 network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement. The host ex...
Description Name: COPY FILES - SMB2(REQUEST). This is Trend Micro detection for packets passing through SMB2 network protocols that manifest unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavior: Suspicio...
Description Name: ACCOUNT DISCOVERY - LDAP(REQUEST). This is Trend Micro detection for packets passing through LDAP network protocols that manifest unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavior: S...
Description Name: SYSTEM OWNER DISCOVERY - LDAP(REQUEST). This is Trend Micro detection for packets passing through LDAP network protocols that manifest unusual behavior which can be a potential intrusion. Below are some indicators of unusual behav...
Description Name: BRUTEFORCE - SMB(RESPONSE). This is Trend Micro detection for packets passing through SMB network protocols that manifest unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavior: Suspiciou...
Description Name: NDMP EXECUTE COMMAND - TCP(REQUEST). This is Trend Micro detection for packets passing through TCP network protocols that manifest unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavior:...
Description Name: CVE-2024-4577 - PHP CGI Argument Injection Remote Code Execution - HTTP (Request). This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement. The...
This malware is a malicious plugin for Chrome browsers. It runs a code when users browse Facebook, enabling the plugin to control navigation. To get a one-glance comprehensive view of the behavior of
Description Name: Bitcoin Mining TCP Request. This is Trend Micro detection for packets passing through TCP network protocols that can be used as N/A. This also indicates a malware infection. Below are some indicators of an infected host: Excessive s...
Description Name: vCalendar exploit. This is Trend Micro detection for packets passing through SMTP and POP3 network protocols that can be used as Point of Entry. This also indicates a malware infection. Below are some indicators of an infected host...
Description Name: HUPIGON - HTTP (Request) - Variant 2. The HUPIGON malware family consists of backdoors. These are usually dropped by other malware onto a system or are downloaded unknowingly by users when visiting malicious sites. HUPIGON variants...
Description Name: CVE-2018-8007 Apache CouchDB Remote Code Execution Exploit - HTTP (Request) - Variant 2. This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Moveme...
Description Name: Successful log on to MSSQL service. This is Trend Micro detection for packets passing through MSSQL network protocols that manifest Database Access activities which can be a potential intrusion. Below are some indicators of unusua...
Description Name: Successful log on to MySQL service. This is Trend Micro detection for packets passing through MYSQL network protocols that manifest Database Access activities which can be a potential intrusion. Below are some indicators of unusua...
Description Name: Unsuccessful log on to POSTGRES service - Username does not exist. This is Trend Micro detection for packets passing through POSTGRES network protocols that manifest Database Access activities which can be a potential intrusion. B...
Description Name: Unsuccessful log on to POSTGRES service - Database does not exist. This is Trend Micro detection for packets passing through POSTGRES network protocols that manifest Database Access activities which can be a potential intrusion. B...
Description Name: A privileged user attempted to log on to the POSTGRES service. This is Trend Micro detection for packets passing through POSTGRES network protocols that manifest Database Access activities which can be a potential intrusion. Below...
Description Name: Cross-site scripting. This is Trend Micro detection for packets passing through HTTP network protocols that manifest Exploit activities which can be a potential intrusion. Below are some indicators of unusual behavior: Suspicious a...