Search
Keyword: URL
voir absolument. Once an unsuspecting user clicks on the said video, it plays a YouTube video. It then triggers an automatic Like on Facebook for a malicious URL and displays the link on the wall of the
Force terminate the following Processes: SpyTheSpy.exe TiGeR-Firewall.exe bavtray.exe Check if running under virtual machine Create a shortcut that will go to a specified url at every system startup Hide
the file from the following URL and renames the file when stored in the affected system: https://{BLOCKED}ipegauction.ca/wp-content/uploads/2014/07/p2104us77.exe It saves the files it downloads using
the file from the following URL and renames the file when stored in the affected system: https://{BLOCKED}ntravels.com/wp-content/uploads/2010/02/atlantis1-150x150.exe It saves the files it downloads
HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion path = {malware file path}\{malware file name} Download Routine This Trojan downloads the file from the following URL and renames the file when stored in
the file from the following URL and renames the file when stored in the affected system: https://{BLOCKED}esteward.com/css/Document1704.exe It saves the files it downloads using the following names:
Modification This spyware modifies the Internet Explorer Zone Settings. NOTES: This spyware accesses the URL https://www.pinterest.com/pin/{BLOCKED}5416/ to retrieve the server IP address of fake login pages. It
files are exhibited on the affected system. Other Details This Trojan deletes itself after execution. NOTES: This Trojan accesses the URL {BLOCKED}.{BLOCKED}.35.133:33136/0912us21/{Computer Name}/0/{OS
Trojan downloads the file from the following URL and renames the file when stored in the affected system: https://{BLOCKED}d.co.il/images/navigation.exe It saves the files it downloads using the following
information on the affected computer: Computer Name OS Version RAM NOTES: This backdoor pings the following URL to get its IP address where it connects to send and receive information from malicious user: file.
file from a certain URL. The URL where this malware downloads the said file depends on the following parameter(s) passed on to it by its components: fool twin Other Details This Trojan takes advantage of
\Users\{user name}\AppData\Local\Temp on Windows Vista and 7.) It downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the following
request to the remote URL to download a file which it executes on the machine. It then sends the results of the executed file back to the remote server. Dropped by other malware Connects to URLs/IPs,
OSX_WIRELURK.A) enables the malware to download an updated copy of itself from the server and save it as follows: /usr/local/machook/update/update.zip It connects to the following URL to retrieve a link of its
said sites are inaccessible. Other Details This Exploit does the following: It connects to the following URL to execute a malicious script: https://a.{BLOCKED}o.{BLOCKED}e/wxbdpx.hta The malicious script
Socks proxy (port to use, IP address to allow, IP address to deny, User-Agent, view server info, end proxy service) List, add, delete, or modify a user account Download file from a URL Share a shell
Details This Trojan does the following: Executes a script from the URL http://{BLOCKED}u.com/3? - script that connects to the URLs mentioned above to download and execute a malicious file
contains textbox for username/email and password. Upon clicking the "Download File" button on the pop-up window, the malware will connect to this malicious URL to send the stolen information (username and
contains textbox for username/email and password. Upon clicking the "Download File" button on the pop-up window, the malware will connect to this malicious URL to send the stolen information (username and
Password: root admin admin123 huigu309 xc3511 vizxv It is capable of dropping downloader binaries depending on the system architecture. The dropped binary accesses the following URL to download its payload: