Search
Keyword: HTML_IFRAME
Slowloris, UDP, and SYN flooding Run Reverse Socks4 proxy server Send MSN Messenger messages Insert iframe tags into HTML files Visit a website Block DNS Steal login credentials Log in to FTP sites Create
Download other files Perfrom Slowloris, UDP, and SYN flooding Send MSN Messenger messages Insert iframe tags into HTML files Visit a Web page Create processes Block DNS Redirect domains Steal login
Send private messages on IRC channel joined Update self Download arbitrary files Send MSN Messenger messages Insert iframe tags into HTML files Visit arbitrary website Block arbitrary DNS Steal login
iframe code to automatically executed the dropped file "Photo.scr" when the PHP file is opened. (Note: %User Temp% is the user's temporary folder, where it usually is C:\Documents and Settings\{user name}
\ It generates random IP address where it attempts to connect as FTP. It then drops a copy of itself as "Photo.scr". It searches for ".php" files in the FTP folder and inserts an iframe code to
perform its intended routine. It does the following: Inserts iframe to redirect the user to this site format: {current site}(3 to 10 random characters).{html, htm, jpeg, png, jpg, gif, or js} Accessing the
Messenger messages Insert iframe tags into HTML files Visit arbitrary website Block arbitrary DNS Steal login credentials Log in to FTP sites Create arbitrary processes Can modifies the following system
as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It arrives via removable drives. It may arrive through accessing malicious IFRAME tags
of the following IRC channel(s): #rkill #pd #lo #rox It executes the following commands from a remote malicious user: Block DNS Create processes Download other files Insert iFrame tags into HTML files
Photo.lnk Video.lnk AV.lnk It searches for files with the following extensions: html htm php asp stm dhtm phtm xht mht htx aspx jsp cgi shtm xml then adds an iframe that will execute the dropped copy.
on a website and run when a user accesses the said website. This is the Trend Micro detection for files that contain malicious IFRAME tags. This is the Trend Micro detection for Web pages that were
malicious IFRAME tags. It inserts an IFRAME tag that redirects users to certain URLs. Arrival Details This Trojan may be downloaded by the following malware/grayware from remote sites: JS_REDIR.GQ It may be
This Trojan may be hosted on a website and run when a user accesses the said website. This is the Trend Micro detection for files that contain malicious IFRAME tags. It redirects browsers to certain
This Trojan executes when a user accesses certain websites where it is hosted. It inserts an IFRAME tag that redirects users to certain URLs. Arrival Details This Trojan executes when a user accesses
This Trojan may be hosted on a website and run when a user accesses the said website. It inserts an IFRAME tag that redirects users to certain URLs. However, as of this writing, the said sites are
accesses the said website. This is the Trend Micro detection for files that contain malicious IFRAME tags. However, as of this writing, the said sites are inaccessible. Arrival Details This Trojan arrives on
This malware may be hosted on a website and run when a user accesses the said website. It inserts an IFRAME tag that redirects users to certain URLs. Arrival Details This malware may be hosted on a
information-stealing capability. It inserts an IFRAME tag that redirects users to certain URLs. Arrival Details This Trojan may be hosted on a website and run when a user accesses the said website. Propagation This
This Trojan may be hosted on a website and run when a user accesses the said website. This is the Trend Micro detection for files that contain malicious IFRAME tags. It inserts an IFRAME tag that
This is a Trend Micro detection for a specially crafted .WMA audio file that contains an iframe pointing to possibly malicious websites. This Trojan may arrive bundled with malware packages as a