Search
Keyword: HTML_SOHANAD
\Parameters Other System Modifications This Trojan deletes the following files: %Program Files%\syslass.cpl %Program Files%\Common Files\Plugins\!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01//EN
this HTML script launches a hidden IFRAME that connects to a malicious URL. It redirects browsers to certain sites. Arrival Details This Trojan executes when a user accesses certain websites where it is
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This spyware arrives on a system as a
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This spyware arrives on a system as a
It modifies registry entries to enable its automatic execution at every system startup. It attempts to steal information, such as user names and passwords, used when logging into certain banking or
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
\PROTOCOLS\Filter\ text/html CLSID = "{random CLSID}" HKEY_CLASSES_ROOT\PROTOCOLS\Filter\ text/html (Default) = "Microsoft Improved HTML MIME Filter" HKEY_CURRENT_USER\Software\CLSID\ {Random UUID}
malicious script. Once a user visits an affected Web page, this HTML script launches a hidden IFRAME that connects to a malicious URL. Arrival Details This Trojan may be hosted on a website and run when a
tag. Once a user visits an affected Web page, this HTML script launches a hidden IFRAME that connects to a malicious URL. Arrival Details This Trojan may be hosted on a website and run when a user
a user accesses the said website. This is the Trend Micro detection for files that contain malicious IFRAME tags. Once a user visits an affected Web page, this HTML script launches a hidden IFRAME
This is the Trend Micro detection for Web pages that were compromised through the insertion of a certain IFRAME tag. Once a user visits an affected Web page, this HTML script launches a hidden IFRAME
accesses the said website. Once a user visits an affected Web page, this HTML script launches a hidden IFRAME that connects to a malicious URL. Arrival Details This Trojan arrives on a system as a file
\PROTOCOLS\Filter\ text/html CLSID = "{random CLSID}" HKEY_CLASSES_ROOT\PROTOCOLS\Filter\ text/html (Default) = "Microsoft Improved HTML MIME Filter" HKEY_CURRENT_USER\Software\CLSID\ {Random UUID}
This Trojan connects to websites that contain pornographic content. This Trojan executes when a user accesses certain websites where it is hosted. This is the Trend Micro detection for files that
%System%\oobe\HOW TO DECRYPT FILES.txt %System%\oobe\error\HOW TO DECRYPT FILES.txt %System%\oobe\html\dslmain\HOW TO DECRYPT FILES.txt %System%\oobe\html\iconnect\HOW TO DECRYPT FILES.txt %System%\oobe