Search
Keyword: coinmine behavior
Description Name: EMOTET - HTTP (Request) - Variant 7 . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are some in...
Description Name: BUNNYLOADER - HTTP (REQUEST) . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are some indicator...
Description Name: Gomir C2 - HTTP (Request) . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are some indicators o...
Description Name: KOI LOADER C2 - HTTP (Request) . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are some indicat...
Description Name: AMADEY C2 - HTTP (Request) . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are some indicators ...
Other Details Based on analysis of the codes, it has the following capabilities: Exhibits behavior that Trend Micro detects for configuration files that are used by BKDR_QAKBOT malware family.
NOTES: Heuristic Detection This is Trend Micro’s heuristic detection for suspicious files that manifest similar behavior and characteristics as the following: NITOL family (DDOS_ and WORM_ variants)
Other Details This backdoor does the following: This is the Trend Micro heuristic detection for suspicious files that manifest similar behavior and characteristics as the following malware:
NOTES: This is the Trend Micro heuristic detection for suspicious files that manifest similar behavior and characteristics as the following Mac malware or Potentially Unwanted Application (PUA):
This is the Trend Micro detection for email where the sender is identified as related to one or more targeted attacks, or the sender displayed behavior consistent with targeted attacks.
This backdoor has received attention from independent media sources and/or other security firms. To get a one-glance comprehensive view of the behavior of this Backdoor, refer to the Threat Diagram
Description Name: PHP DIESCAN - HTTP (Request) . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Point of Entry. This also indicates a malware infection. Below are some indicators of an infected ho...
Description Name: RANSOM - HTTP (Request) - Variant 13 . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are some i...
Description Name: APT - PLUGX - HTTP (Request) - Variant 8 . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are so...
Description Name: APT - Possible SIMBOT - HTTP (Request) - Variant 3 . This is Trend Micro detection for packets passing through TCP network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Bel...
Description Name: Reverse TCP VNC Inject detected . This is Trend Micro detection for packets passing through TCP network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are some indicat...
Description Name: UNDERMINER - Exploit Kit - HTTP (Response) . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are ...
Description Name: BINBASH Download - HTTP (Response) . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Point of Entry. This also indicates a malware infection. Below are some indicators of an infec...
Description Name: Remote PHP-CGI Command Execution - HTTP (Request) . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Point of Entry or Lateral Movement. This also indicates a malware infection. Be...
Description Name: APT - IXESHE - HTTP (Request) . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are some indicato...