Search
Keyword: JS_EXPLOIT
Micro detection for HTML files with an encrypted JavaScript in a <div> tag, and its decryptor. Samples of this malware are seen to exploit the following vulnerabilities: CVE-2010-3552 CVE-2010-4452
This malware is related to a mass compromise that leads to a series of redirections that ultimately point users to the Blackhole Exploit kit exploiting vulnerabilities cited in CVE-2010-0188 and
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. This is the Trend Micro detection for Web pages that
following URLs to possibly download other malicious files: http://d.{BLOCKED}inrt.us/s.exe Trend Micro detects the dowloaded file as: TROJ_SASFIS.VR Other Details This Trojan is a zero-day exploit for the
However, as of this writing, the said sites are inaccessible. It inserts an IFRAME tag that redirects users to certain URLs. Backdoor Routine However, as of this writing, the said sites are
}epcteete.biz/3857076415/1384748340.jar NOTES: This Trojan may arrive as a part of an exploit kit. Mal/ExpJS-BP(Sophos) Downloaded from the Internet Others
firefox.exe iexplore.exe It imports rogue root certificates to browsers (Internet Explorer, Firefox). It does not have rootkit capabilities. It does not exploit any vulnerability.
ratchetmining.com slushpool stratum+ suprnova.cc teracycle.net usxmrpool viaxmr.com xmrpool yiimp zergpool zergpoolcoins zpool It is capable of propagating in the local network via the following means: SMB Exploit
may be downloaded from the following remote sites: Compromised or malicious sites hosting RIG EK Exploit Kit Download Routine This Trojan saves the files it downloads using the following names: %User
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be hosted on a website and run when a user
does not exploit any vulnerability. Downloaded from the Internet
}africadesigns.com/fida/wp-admin/css/colors/blue/blue.php?id={random} https://mambo-africadesigns.com/fida/wp-admin/css/colors/blue/blue.php?id={random} --> However, as of this writing, the said sites are inaccessible. It does not exploit any
install browser extension: It may change the default search website to the following URL: http://{BLOCKED}k.com/toolbarv/askRedirect.jsp?gct=&gc=1&q={searchTerms}&crm=1&toolbar=GLS It does not exploit any
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. As of this writing, the said sites are inaccessible.
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the downloaded files. As a result, malicious
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the downloaded files. As a result, malicious
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. As of this writing, the said sites are inaccessible.