Search
Keyword: bec_suspicious.ers
Description Name: Suspicious LNK file transfer detected . This is Trend Micro detection for packets passing through HTTP network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavi...
Description Name: Data Exfiltration - DNS (Response) .
Description Name: Shodan Internet Scan - Malware Hunter C&C Server Scan . This is Trend Micro detection for packets passing through any network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of...
Description Name: DDOS Tool detected - HOIC . This is Trend Micro detection for packets passing through HTTP network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavior:Suspiciou...
Description Name: Public IRC C&C domain - DNS (Response) . This is Trend Micro detection for packets passing through DNS network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavi...
Description Name: SMB CreateService request detected . This is Trend Micro detection for packets passing through SMB network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavior:S...
Description Name: Password-protected archive file . This is Trend Micro detection for packets passing through any network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavior:Susp...
Description Name: Remote Add Job through SMB2 Protocol Detected . This is Trend Micro detection for packets passing through SMB2 network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusua...
Description Name: Remote Service exectution through SMB2 ATSVC detected . This is Trend Micro detection for packets passing through SMB2 network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators o...
Description Name: Unregistered service running on non-standard port . This is Trend Micro detection for packets passing through SMTP network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of un...
Description Name: Host DNS Mx record query of a non-trusted domain . This is the Trend Micro detection for malicious N/A network packet
Description Name: Suspicious executable file extension - Variant 3 . This is Trend Micro detection for packets passing through any network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unus...
Description Name: Suspicious Cgi Directory Traversal - HTTP (Request) - Variant 2 . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting t...
Description Name: Invalid Credentials - LDAP (Response) .
Description Name: Many unsuccessful logon attempts . This is Trend Micro detection for packets passing through any network protocols that manifests Login Attempt activities which can be a potential intrusion. Below are some indicators of unusual beha...
Description Name: Unauthorized Read MODBUS Request . This is Trend Micro detection for packets passing through MODBUS-TCP and PROTOCOL_42 network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators ...
Description Name: Executable with suspicious file name - HTTP (Request) . This is Trend Micro detection for packets passing through HTTP network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators o...
Description Name: Identified CBC Based Cipher Suite In SSLv3 Request .
Description Name: Suspicious Encodings - X . This is Trend Micro detection for packets passing through HTTP network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavior:Suspicious...
Description Name: Remote Registry modification through SMB2 protocol detected . This is Trend Micro detection for packets passing through SMB2 network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indica...