Search
Keyword: URL
of a malicious Java archive file (.JAR), which attempts to download and execute possibly malicious file from a certain website. The URL where this malware downloads the said file depends on the
file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. NOTES: This trojan downloads a possibly malicious file from a certain URL. The URL where this
malware packages as a malware component. It executes when a user accesses certain websites where it is hosted. NOTES: This Trojan downloads from the URL specified in the parameter sw , and saves the
bundled with malware/grayware packages. It executes when a user accesses certain websites where it is hosted. NOTES: It downloads from the URL specified in the parameter p and saves it as {malware path}\
is capable of downloading and executing a possibly malicious file from a certain url . As a result, malicious routines of downloaded file are also exhibited on the affected system. Since this a .CLASS
bundled with malware/grayware packages. It executes when a user accesses certain websites where it is hosted. NOTES: It downloads from the URL specified in the parameter "p" and saves it as
attempts to download files into the affected system. The URL where this malware downloads the said file depends on the parameter passed on to it by its components
are inaccessible. NOTES: It generates a random name to be used for the domain name of the URL it connects to. Connects to URLs/IPs, Downloads files
file. The URL where it downloads the file is usually indicated in the HTML param tag. Save the downloaded file in the current user's Temp folder
}eton.ru/por/setup64.exe Other Details This Trojan does the following: It accesses http://{BLOCKED}4shared.com/download/ka45waaa/INIArg.txt to receive information. The reply from the said site contains the download URL of
antivirus called Antimalware Tool . It accesses the following URL to download the said rogue antivirus: {BLOCKED}s.co.be/{value} scheets.co.be/{value} --> However, the said site is currently inaccessible.
}anegocios.net.br/SxGqYND1CP8 NOTES: The PDF file contains a URL that needs to be clicked by the user. Trojan:W32/FakePDF.A (F-Secure); Troj/PDFDown-B (Sophos) Dropped by other malware, Downloaded from the Internet Connects to
malware/grayware or malicious users. NOTES: The PDF contains a link, that points to the shortened URL http://ow.ly/{BLOCKED}Ku : Once accessed, the user is redirected to http://redtecx.{BLOCKED}t.com/ , which
bundled with malware packages as a malware component. Download Routine This malware downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the
downloaded files are exhibited on the affected system. It downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the parameter passed on to it by
hosted on a website and run when a user accesses the said website. Download Routine This Trojan downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file
hosted on a website and run when a user accesses the said website. Download Routine This Trojan downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file
hosted on a website and run when a user accesses the said website. Download Routine This Trojan downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file
link on the PDF file, it accesses the said URL which is a phishing site. This routine risks the exposure of the user's account information, which may then lead to the unauthorized use of the stolen data.
following: It connects to the following URL to get and execute arbitrary commands: https://myC2.{BLOCKED}e.com However, as of this writing, the said sites are inaccessible. Downloaded from the Internet