Search
Keyword: JS_EXPLOIT
letters}.png, _RECoVERY_+{random letters}.txt , and _RECoVERY_+{random letters}.html to the folders where the files are encrypted: It does not have rootkit capabilities. It does not exploit any
_RECoVERY_+{random letters}.txt, _RECoVERY_+{random letters}.html to the folders where the files are encrypted. It does not have rootkit capabilities. It does not exploit any vulnerability. Ransom.TeslaCrypt
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
in all fixed, removable, and network drives and shares. It opens the following ransom notes after encryption: It does not have rootkit capabilities. It does not exploit any vulnerability.
capabilities. It does not exploit any vulnerability. W32/Locky.A!tr (Fortinet); Trojan-Ransom.Win32.Locky.bm (Kaspersky); Ransom.Locky (Malwarebytes); Ransom:Win32/Locky.A (Microsoft) Downloaded from the Internet
This worm arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
}s.com/version.js?appTitle=SaveSense&cb={current month integer}_{current day integer} It also affects disk cache for Mozilla when it loads the URL. It does not have rootkit capabilities. It does not exploit
command. It does not have rootkit capabilities. It does not exploit any vulnerability. Dropped by other malware Compromises system security, Executes files
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan may be hosted on a website and run when a user accesses the said website. It is a component of other malware. Once a compromised site is visited, the user is redirected to a certain
does not have rootkit capabilities. It does not exploit any vulnerability. Dropped by other malware
NOTES: It changes the wallpaper with the following image: It drops the following ransom note: It does not have rootkit capabilities. It does not exploit any vulnerability. Ransom.Locky (Malwarebytes);
files OS architecture (if 64-bit) victim ID NOTES: It changes the wallpaper with the following image: It drops the following ransom note: It does not have rootkit capabilities. It does not exploit any
not exploit any vulnerability. Ransom:Win32/Locky.A (Microsoft), Trojan-Ransom.Win32.Locky.wmg (Kaspersky), Dropped by other malware, Downloaded from the Internet Encrypts files, Connects to URLs/IPs,
It does not exploit any vulnerability. Worm:Win32/Dorkbot.I (Microsoft) Propagates via instant messaging applications, Downloaded from the Internet, Propagates via removable drives Steals information,
{BLOCKED}g.net/intraf.php?kod={value}&site=www.surinamefoto.com http://www.{BLOCKED}r1.com/1.js http://www.w3.org/1999/xhtml It does not have rootkit capabilities. It does not exploit any vulnerability.
exploit any vulnerability. Trojan-Ransom.Win32.Locky.blq (Kaspersky), Trojan:Win32/Dynamer!ac (Microsoft) Downloaded from the Internet Connects to URLs/IPs, Encrypts files, Displays message/message boxes,
It displays the following ransom note: It does not have rootkit capabilities. It does not exploit any vulnerability. Ransom:Win32/Locky.A (Microsoft), Trojan-Ransom.Win32.Locky.bol (Kaspersky),
have rootkit capabilities. It does not exploit any vulnerability. Ransom.Locky (Symantec), Ransom:Win32/Locky.A (Microsoft), Trojan-Ransom.Win32.Locky.bom (Kaspersky) Downloaded from the Internet
not have rootkit capabilities. It does not exploit any vulnerability. Ransom.Locky (Symantec); Ransom:Win32/Locky (Microsoft); Trojan-Ransom.Win32.Locky.bos (Kaspersky); Trojan-Ransom.Locky (Ikarus);