Search
Keyword: irc generic
This is the Trend Micro detection for files that exhibit certain behaviors. Other Details This is the Trend Micro detection for: Specifically, this is Trend Micro's generic detection for low-threat
capabilities: This backdoor is capable of connecting to a certain IRC server using a certain port and joins a channel where it receives commands from a malicious user. It sends the following information to its
}n/cgi-bin/jl/jloader.pl http://{BLOCKED}cn/cgi-bin/jloader.pl Based on its code, it is capable of connecting to a certain IRC server using a certain port and joins a channel where it receives commands from a malicious
Password-protected sites Download its configuration file from a certain site that contains FTP or IRC information used for its backdoor routine. It may open random ports where it connect to a remote server through the
infector gathers the following data: OS Version NOTES: This file infector connects to the following IRC server: {BLOCKED}m.{BLOCKED}pa.info It does not have rootkit capabilities. It does not exploit any
Simultaneous IGMP, ICMP, UDP and TCP flooding on open ports with statistic report IRC Control: join → join a specified channel part → leave a specified channel rejoin → leave then rejoin a specified channel op
| 1000608 - Generic SQL Injection Prevention
Apply associated Trend Micro DPI Rules. 1000608| 1000608 - Generic SQL Injection Prevention
Apply associated Trend Micro DPI Rules. 1000608| 1000608 - Generic SQL Injection Prevention
This is the Trend Micro generic detection for threat with callback behavior. Callback is a type of network behavior usually sent by threats for collecting feedback data or controlling threats
This is the Trend Micro generic detection for threat with callback behavior. Callback is a type of network behavior usually sent by threats for collecting feedback data or controlling threats
This is the Trend Micro generic detection for email with forged content, which can be a social engineering attack. Behavior such as faking the sender name, a clickbait subject, inconsistent host
openx openx 2.8.10 Apply associated Trend Micro DPI Rules. 1000608| 1000608 - Generic SQL Injection Prevention
openx openx 2.8.10 Apply associated Trend Micro DPI Rules. 1000608| 1000608 - Generic SQL Injection Prevention
These also access certain IRC servers via port 80. Once connected, these receive and execute commands, compromising infected systems’ security. These download other malicious files, depending on when the
Active Directory Federation Services Apply associated Trend Micro DPI Rules. 1000552| 1000552 - Generic Cross Site Scripting(XSS) Prevention
"msnmsngr.exe" Backdoor Routine This backdoor connects to any of the following IRC server(s): bilal2.{BLOCKED}s.net It joins any of the following IRC channel(s): #hell It executes the following command(s) from a
the package file to default shares. This worm's configuration file contains the following information: - Reference to the components and their corresponding random filenames in the system - IRC data -
into HTML files Join an IRC channel Log in to FTP sites Perform Slowloris, UDP, and SYN flooding Run Reverse Socks4 proxy server Send MSN Messenger messages Steal login credentials Update itself Visit a
This is the Trend Micro generic detection for URLs related to fraudulent activities. Fraud-related activities aim to get money from intended victims. Cybercriminals set up fraudulent or fake websites