Search
Keyword: bec_suspicious.ers
Description Name: DOCKER API - HTTP (Request) .
Description Name: Unauthorized Read Request - DNP3 (Request) .
Description Name: Packed executable file - IM . This is Trend Micro detection for packets passing through MSN and instant messaging network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unu...
Description Name: POSSIBLE XSS - HTTP (Request) .
Description Name: POSSIBLE WEBSHELL - HTTP (REQUEST) .
Description Name: CVE-2020-0601 Spoofed Certificate Attempt - TLS (Response) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting this t...
Description Name: File with multiple extensions ending with executable extension . This is Trend Micro detection for packets passing through various network protocols that manifests unusual behavior which can be a potential intrusion. Below are some ...
Description Name: Archive file containing executable file . This is Trend Micro detection for packets passing through any network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusual behav...
Description Name: VBNA FTP request . This is Trend Micro detection for packets passing through FTP network protocols that manifests Callback activities which can be a potential intrusion. Below are some indicators of unusual behavior:Suspicious activ...
Description Name: Archive file with multiple consecutive spaces in file name . This is Trend Micro detection for packets passing through any network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicato...
Description Name: AGENT - HTTP (Request) - Variant 18 . This is Trend Micro detection for packets passing through HTTP network protocols that manifests Callback activities which can be a potential intrusion. Below are some indicators of unusual behav...
Description Name: ACTIVE DIRECTORY GPO DEPLOY COMMAND - SMB2 (Response) .
Description Name: SSH on Non-Standard Port - Request .
Description Name: Non-matching file type and extension . This is Trend Micro detection for packets passing through various network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusual beha...
Description Name: Session using standard port - IRC . This is Trend Micro detection for packets passing through IRC network protocols that manifests Callback activities which can be a potential intrusion. Below are some indicators of unusual behavior...
Description Name: Executable file name with multiple consecutive spaces . This is Trend Micro detection for packets passing through various network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicator...
Description Name: ZEROACCESS - HTTP (Request) - Variant 4 . This is Trend Micro detection for packets passing through TCP network protocols that manifests Callback activities which can be a potential intrusion. Below are some indicators of unusual be...
Description Name: Executable requested from root directory of web server . This is Trend Micro detection for packets passing through HTTP network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators ...
Description Name: Packed executable file copied to administrative share - SMB . This is Trend Micro detection for packets passing through SMB network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicat...
Description Name: LETSENCRYPT SSL CERTIFICATE - HTTP (Response) .