Search
Keyword: possible
The MegaCortex ransomware first appeared in January 2019 with few interesting attributes, including the use of a signed executable as part of the payload. It also appeared to offer security consulting services from the malware author. On May 1, 2019...
This is the Trend Micro detection for possibly malicious executable files that are compressed using Win32 compression tools. This proactive detection also includes appending viruses found in the wild. It is a heuristic detection based on well-establi...
Windows
NOTES: This detection is for weaponized RTF files. It detects possible exploits for the following vulnerabilities: CVE-2017-11882 CVE-2012-0158 CVE-2015-1641 CVE-2015-1770 CVE-2014-1761 CVE-2017-8570
Step 1 For Trend M...
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
This is the Trend Micro detection for the tool called Brutus . This hacking tool may be manually installed by a user.
With the .IQY malware being a hot topic in recent months, it comes as no surprise that it has adapted to become another variant that uses the embedding capability of PDFs. It still uses email as th...
Android OS
NOTES: Based on analysis of the codes, this Android malware has the following capabilities: Loads a local html page in 1 pixel iframe. The said html tries to open the following malicious URLs: www.{BLOCKED}z.pl/rc/ jL.{...
* indicates a new version of an existing rule Deep Packet Inspection Rules: Mail Server Common 1012173* - Roundcube Webmail Stored Cross-Site Scripting Vulnerability (CVE-2024-42009) NodeBB 1012382 - NodeBB Stored Cross-Site Sc...
FlawedAmmyy is a remote access Trojan (RAT) based on Ammyy Admin , a legitimate remote access tool used to handle remote control and diagnostics on Microsoft Windows machines. FlawedAmmyy RAT has the functionality of the leaked version, including rem...
This Coinminer arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
* indicates a new version of an existing rule Deep Packet Inspection Rules: DCERPC Services - Client 1010585 - Identified Possible Ransomware File Extension Create Activity Over Network Share - Client Directory Server LDAP 1...
* indicates a new version of an existing rule Deep Packet Inspection Rules: DCERPC Services 1007596* - Identified Possible Ransomware File Extension Rename Activity Over Network Share SolarWinds Network Performance Monitor ...
This is the Trend Micro generic detection for potentially unwanted applications (PUAs) that are installed in your computers or devices. This application is detected as carrying a possible risk of having untoward impact to the user. Note that PUAs' im...
This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement. The host exhibiting this type of network behavior is likely compromised by malware, or being used by a m...
This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement. The host exhibiting this type of network behavior is likely compromised by malware, or being used by a m...
This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement. The host exhibiting this type of network behavior is likely compromised by malware, or being used by a m...
This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement. The host exhibiting this type of network behavior is likely compromised by malware, or being used by a m...
This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement. The host exhibiting this type of network behavior is likely compromised by malware, or being used by a m...
This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement. The host exhibiting this type of network behavior is likely compromised by malware, or being used by a m...
This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement. The host exhibiting this type of network behavior is likely compromised by malware, or being used by a m...