Search
Keyword: bec_suspicious.ers
Description Name: Remote Enumerate Registry through SMB protocol detected .
Description Name: Remote Enumerate Job through SMB protocol detected .
Description Name: File renamed - WCRY - Ransomware - SMB (Request) .
Description Name: Ghost WebShell - HTTP (Request) .
Description Name: HYTOP2006 ASP WebShell - HTTP (Request) .
Description Name: TUNNA Webshell - HTTP (Request) .
Description Name: Apache Struts File Upload - HTTP (Request) .
Description Name: Unauthorized Broadcast Request - DNP3 (Request) .
Description Name: Possible Denial of Service - DNP3 (Request) .
Description Name: DOC File downloaded in root directory - HTTP (Response) .
Description Name: Script file name with multiple consecutive spaces . This is Trend Micro detection for packets passing through various network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of...
Description Name: CHIR - UDP . This is Trend Micro detection for packets passing through UDP network protocols that manifests Callback activities which can be a potential intrusion. Below are some indicators of unusual behavior:Suspicious activity in...
Description Name: Executable file sent from/to non-standard port - IRC (Request) . This is Trend Micro detection for packets passing through IRC network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indi...
Description Name: Possible FAKEAV - URL request . This is Trend Micro detection for packets passing through HTTP network protocols that manifests Callback activities which can be a potential intrusion. Below are some indicators of unusual behavior:Su...
Description Name: CVE-2016-2776 DNS ISC BIND TSIG EXPLOIT - DNS (Request) .
Description Name: File renamed - CRYSIS - Ransomware - SMB (Request) . This is the Trend Micro detection for malicious SMB2,SMB network packet that manifest any of the following actions:MalwareThis attack is used for Lateral Movement
Description Name: Unauthorized STOPDT IEC-104 Request .
Description Name: Possible Brute force - Telnet (Response) .
Description Name: WebScript Injection - HTTP (Request) .
Description Name: GZ File requested from root directory - HTTP (Request) .