ETERNALROMANCE-1.3.0 |
CVE-2017-0144 |
Microsoft Windows SMBv1 Service |
|
Sig ID: 30010 (OS Attack: Microsoft Windows SMB RCE CVE-2017-0144)
Sig ID: 21179 (OS Attack: Microsoft Windows SMB Remote Code Execution 3)
Sig ID: 23737 (Attack: Shellcode Download Activity)
Sig ID: 22534 (System Infected: Malicious Payload Activity 9)
Sig ID: 23862 (OS Attack: Microsoft Windows SMB Remote Code Execution)
Sig ID: 23875 (OS Attack: Microsoft SMB MS17-010 Disclosure Attempt) |
Hacktool |
20170414.02 |
ETERNALROMANCE-1.4.0 |
CVE-2017-0145 |
Microsoft Windows SMBv1 Service |
|
Sig ID: 21179 (OS Attack: Microsoft Windows SMB Remote Code Execution 3)
Sig ID: 23737 (Attack: Shellcode Download Activity)
Sig ID: 22534 (System Infected: Malicious Payload Activity 9)
Sig ID: 23862 (OS Attack: Microsoft Windows SMB Remote Code Execution
Sig ID: 23875 (OS Attack: Microsoft SMB MS17-010 Disclosure Attempt |
Hacktool |
20170414.02 |
ENTERNALSYNERGY |
CVE-2017-0143 |
Microsoft Windows SMBv1 Service |
MS17-010 |
Sig ID: 30018 OS Attack: MSRPC Remote Management Interface Bind |
Hacktool |
20170414.02 |
|
CVE-2017-0144 |
Microsoft Windows SMBv1 Service |
MS17-010 |
Sig ID: 30010 (OS Attack: Microsoft Windows SMB RCE CVE-2017-0144)
Sig ID: 21179 (OS Attack: Microsoft Windows SMB Remote Code Execution 3)
Sig ID: 22534 (System Infected: Malicious Payload Activity 9)
Sig ID: 23737 (Attack: Shellcode Download Activity)
Sig ID: 23862 (OS Attack: Microsoft Windows SMB Remote Code Execution)
Sig ID: 23875 (OS Attack: Microsoft SMB MS17-010 Disclosure Attempt) |
|
|
|
CVE-2017-0145 |
Microsoft Windows SMBv1 Service |
MS17-010 |
Sig ID: 21179 (OS Attack: Microsoft Windows SMB Remote Code Execution 3)
Sig ID: 22534 (System Infected: Malicious Payload Activity 9)
Sig ID: 23737 (Attack: Shellcode Download Activity)
Sig ID: 23862 (OS Attack: Microsoft Windows SMB Remote Code Execution)
Sig ID: 23875 (OS Attack: Microsoft SMB MS17-010 Disclosure Attempt) |
|
|
|
CVE-2017-0146 CVE-2017-0147 |
|
MS17-010 |
Sig ID: 23624 (OS Attack: Microsoft Windows SMB Remote Code Execution 2)
Sig ID: 21179 (OS Attack: Microsoft Windows SMB Remote Code Execution 3)
Sig ID: 22534 (System Infected: Malicious Payload Activity 9)
Sig ID: 23737 (Attack: Shellcode Download Activity)
Sig ID: 23862 (OS Attack: Microsoft Windows SMB Remote Code Execution)
Sig ID: 23875 (OS Attack: Microsoft SMB MS17-010 Disclosure Attempt) |
|
|
|
CVE-2017-0148 |
|
MS17-010 |
Sig ID: 21179 (OS Attack: Microsoft Windows SMB Remote Code Execution 3)
Sig ID: 22534 (System Infected: Malicious Payload Activity 9)
Sig ID: 23737 (Attack: Shellcode Download Activity)
Sig ID: 23862 (OS Attack: Microsoft Windows SMB Remote Code Execution)
Sig ID: 23875 (OS Attack: Microsoft SMB MS17-010 Disclosure Attempt) |
|
|
ETERNALBLUE |
CVE-2017-0143 |
Microsoft Windows SMBv1 Service |
|
Sig ID: 21179 (OS Attack: Microsoft Windows SMB Remote Code Execution 3)
Sig ID: 22534 (System Infected: Malicious Payload Activity 9)
Sig ID: 23737 (Attack: Shellcode Download Activity)
Sig ID: 23862 (OS Attack: Microsoft Windows SMB Remote Code Execution)
Sig ID: 23875 (OS Attack: Microsoft SMB MS17-010 Disclosure Attempt) |
Hacktool |
20170414.02 |
ETERNALCHAMPION |
CVE-2017-0146
CVE-2017-0147
CVE-2017-0148 |
Microsoft Windows SMBv1 Service |
|
Sig ID: 23624 (OS Attack: Microsoft Windows SMB Remote Code Execution 2)
Sig ID: 21179 (OS Attack: Microsoft Windows SMB Remote Code Execution 3)
Sig ID: 22534 (System Infected: Malicious Payload Activity 9)
Sig ID: 23737 (Attack: Shellcode Download Activity)
Sig ID: 23862 (OS Attack: Microsoft Windows SMB Remote Code Execution)
Sig ID: 23875 (OS Attack: Microsoft SMB MS17-010 Disclosure Attempt) |
Hacktool |
20170414.02 |
ECLIPSEDWING |
CVE-2008-4250 |
Micorosft Windows Server Service |
MS08-067 |
Sig ID: 23179 (OS Attack: MSRPC Server Service RPC CVE-2008-4250)
Sig ID: 23180 (OS Attack: MSRPC Server Service RPC CVE-2008-4250 2) |
Hacktool |
20170414.02 |
EDUCATEDSCHOLAR |
CVE-2009-2526
CVE-2009-2532
CVE-2009-3103 |
Microsoft Windows SMBv2 Service |
MS09-050 |
Sig ID: 23497 (OS Attack: MS SMB2 Validate Provider Callback CVE-2009-3103) |
Hacktool |
20170414.02 |
|
EMERALDTHREAD |
CVE-2010-2729 |
Microsoft Windows Print Service |
MS10-061 |
Sig ID: 23897 (Attack: Windows Spooler Service CVE-2010-2729) |
Hacktool |
20170414.02 |
ESKIMOROLL |
CVE-2014-6324 |
Microsoft Windows Kerberos KDC |
MS14-068 |
No Signature Available |
Hacktool |
20170414.02 |
EASYBEE |
CVE-2007-1675 |
Mdaemon |
|
Sig ID: 30015 (Attack: MDaemon WorldClient Attack) |
Hacktool |
20170414.02 |
ENGLISHMANDENTIST |
CVE-2009-0099 |
Microsoft Outlook Exchange Web Access |
|
Sig ID: 30014 (Attack: MS Exchange Server RCE) |
Hacktool |
20170414.02 |
EXPLODINGCAN |
CVE-2017-7269 |
Microsoft Windows
Server WebDav
Service |
|
Sig ID: 29071 (Web Attack: IIS Server CVE-2017-7269) |
Hacktool |
20170414.02 |
EMPHASISMINE-3.4.0 |
CVE-2017-1274 |
IBM Domino |
|
No Signature Available |
Hacktool |
20170414.02 |
EWOKFRENZY-2.0.0 |
CVE-2007-1675 |
IBM Domino |
|
Sig ID: 21710 HTTP MDaemon IMAP Server Auth BO (DCS Only - not available in SEP) |
Hacktool |
20170414.02 |