Keyword: bec_suspicious.ers
Description Name: SOCGHOULISH - HTTP (Request). This is the Trend Micro detection for packets passing through HTTP network protocols that manifest unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavior: Suspic...
Description Name: METASPLOIT COBALTSTRIKE STAGER - HTTP(RESPONSE).
Description Name: ANYDESK - HTTPS(REQUEST).
Description Name: COBALTSTRIKE - DNS (Response) - Variant 2.
Description Name: ACCOUNT DISCOVERY - LDAP(REQUEST). This is the Trend Micro detection for packets passing through LDAP network protocols that manifest unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavior: S...
Description Name: SYSTEM OWNER DISCOVERY - LDAP(REQUEST). This is the Trend Micro detection for packets passing through LDAP network protocols that manifest unusual behavior which can be a potential intrusion. Below are some indicators of unusual behav...
Description Name: APT URL - HTTP(REQUEST). This is the Trend Micro detection for packets passing through HTTP network protocols that manifest unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavior: Suspicious ...
Description Name: Exfiltration SSH Private Key - HTTP (Response). This is the Trend Micro detection for packets passing through HTTP network protocols that manifest unusual behavior which can be a potential intrusion. Below are some indicators of unusu...
Description Name: Remote Service execution through SMB2 SVCCTL detected - Variant 3. This is the Trend Micro detection for packets passing through SMB2 network protocols that manifest unusual behavior which can be a potential intrusion. Below are some ...
stumbling upon bad links in search engines. 1. Do not click suspicious-looking URLs even if these appear as top search engine results. 2. Consider a link suspicious if any or some of its components (e.g., ://
Description Name: File was identified by Scan Engine and analyzed by Virtual Analyzer. This is the Trend Micro identification for suspicious files scanned by Scan Engine and assessed by Virtual Analyzer as risky.
aka "Backup Manager Insecure Library Loading Vulnerability." microsoft windows_vista Apply associated Trend Micro DPI Rules. 1005269| 1004566 - Identified Suspicious Microsoft DLL File Over Network
Description Name: Metasploit(Payload) - Possible Reverse TCP Certificate. This is the Trend Micro detection for packets passing through TCP network protocols that can be used as Point of Entry or Lateral Movement. This also indicates a malware infection...
Description Name: Possible HTA PowerShell Empire (Request). This is the Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for N/A. The host exhibiting this type of network behavior is likely compromised by ...
Description Name: HTA PowerShell Empire - HTTP (Request) - Variant 2. This is the Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for N/A. The host exhibiting this type of network behavior is likely compr...
This is a Trend Micro generic detection for files with structures that are considered unusual for normal files. If your Trend Micro product detects a file under this detection name, do not execute
Micro DPI Rules. 1005934| 1005934 - Identified Suspicious Command Injection Attack
Description Name: Suspicious executable file extension. This is the Trend Micro detection for packets passing through various network protocols that manifest unusual behavior which can be a potential intrusion. Below are some indicators of unusual beha...
Description Name: Possible Command Execution - HTTP (Response). This is the Trend Micro detection for packets passing through HTTP network protocols that manifest unusual behavior which can be a potential intrusion. Below are some indicators of unusual...