Backdoor.Windows.CMD.Shell
Description
This indicates detection of the CMD.EXE shell.
CMD.EXE reverse shell is classified as a remote shell with backdoor properties. Backdoor trojans have the capability to receive remote connections and perform actions against the compromised system.
Affected Products
Any unprotected Windows system is vulnerable to the attack.
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Monitor the traffic from that network for any suspicious activity.
Use AntiVirus software to scan and clean the system.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |