1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. System Infected: Bad Reputation File SMB Request

System Infected: Bad Reputation File SMB Request

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects bad reputation files creating SMB requests from Windows PATH.

Additional Information

Malwares can be equipped with network propagation feature that can help them move laterally from one machine to another on a network. SMB protocol is one of the common protocols used by malware to achieve lateral movement.

Affected

  • Various Windows Platforms.

Response


  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube