Search
Keyword: bec_suspicious.ers
Description Name: Query of a non-trusted domain mail exchanger using the host's DNS A record . This is the Trend Micro detection for malicious N/A network packet
Description Name: Malware-related subject and executable file - Email . This is Trend Micro detection for packets passing through SMTP network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of ...
Description Name: Unsuccessful log on to POSTGRES service - Database does not exist . This is Trend Micro detection for packets passing through POSTGRES network protocols that manifests Database Access activities which can be a potential intrusion. B...
Description Name: Remote Write Registry through SMB protocol detected . This is Trend Micro detection for packets passing through SMB network protocols that manifests Login Attempt actions which can be a potential intrusion. Below are some indicators...
Description Name: Malicious network activity matching object in Suspicious Objects list . This is Trend Micro detection for packets passing through any network protocols that manifests Callback activities which can be a potential intrusion. Below are...
Description Name: Executable file - Email . This is Trend Micro detection for packets passing through SMTP, POP3 and IMAP4 network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusual beha...
Description Name: Unsuccessful logon to Kerberos . This is Trend Micro detection for packets passing through KERBEROS network protocols that manifests Login Attempt activities which can be a potential intrusion. Below are some indicators of unusual b...
Description Name: Downloaded executable file through SMB response . This is Trend Micro detection for packets passing through SMB network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusu...
Description Name: PWDUMP through SMB Protocol Detected . This is Trend Micro detection for packets passing through SMB network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavior...
Description Name: Remote Schedule Tasks through SMB2 protocol detected - Create Command . This is Trend Micro detection for packets passing through SMB2 network protocols that manifests unusual behavior which can be a potential intrusion. Below are s...
Description Name: Possible Data Exfiltration - DNS (Response) .
Description Name: Suspicious script file extension . This is Trend Micro detection for packets passing through File Transfer, FTP and TFTP network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators...
Description Name: File renamed - SOREBRECT - Ransomware - SMB (Request) . This is Trend Micro detection for packets passing through SMB2 and SMB network protocols that manifests Malware activities which can be a potential intrusion. Below are some in...
Description Name: Possible PsExec PETYA - Ransomware - SMB . This is Trend Micro detection for packets passing through SMB2 and SMB network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unu...
Description Name: Powershell script requested from root directory - HTTP (Request) . Related Malware: coinmine behavior
Description Name: GZ Inflate in PHP File - HTTP (Response) .
Description Name: Multiple unsuccessful logon attempts . This is Trend Micro detection for packets passing through any network protocols that manifests Login Attempt activities which can be a potential intrusion. Below are some indicators of unusual ...
Description Name: APT - SUSPICIOUS CGI - HTTP (Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry.The host exhibiting this type of network behavior is likely comprom...
Description Name: Certificate fields with missing or useless data - SSL - Variant 6 . This is Trend Micro detection for packets passing through HTTPS network protocols that manifests unusual behavior which can be a potential intrusion. Below are some...
Description Name: A default user attempted to log on to MySQL service . This is Trend Micro detection for packets passing through MYSQL network protocols that manifests Database Access activities which can be a potential intrusion. Below are some ind...