Keyword: a virtual card for you
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It avoids encrypting files with the following file
This Hacking Tool may arrive bundled with malware packages as a malware component. It may be dropped by other malware. Arrival Details This Hacking Tool may arrive bundled with malware packages as a
This spam campaign purports to be an invitation reminder email supposedly from the LinkedIn professional networking site. The email contains a link that supposedly takes you to your LinkedIn account.
translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. Allows Media Center to locate and connect to the computer. This service delivers network
fake purchase site asking for sensitive information, such as credit card numbers: http://{BLOCKED}8.{BLOCKED}9.101.184 Below is a screenshot of the fake purchase page: The following registries are
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It encrypts files found in specific folders. It
where {string 1} and {string 2} are a combination of any of the following strings: agent app audio bio bits cache card cart cert com crypt dcom defrag device dhcp dns event evt flt gdi group help home host
analysis of the codes, it has the following capabilities: Checks if it is running on a virtual environment and will not proceed with its routines if it is Drops files
updater to trick users into installing it. This malware is designed to steal payment card information from the infected POS systems. It then utilizes a command-and-control (C&C) to exfiltrate the stolen
This ransomware, known as CryptXXX, is a .DLL file that is capable of locking screens. To avoid analysis, it has routines that make it aware if it is run in a virtual environment. To get a
processes of the following browsers: chrome.exe, firefox.exe, iexplore.exe, opera.exe. It displays a message box with the following contents if avgui.exe is found running in the system: Title: Thank you Message:
unknowingly downloaded by a user while visiting malicious websites. It may be injected into processes running in memory. It attempts to steal sensitive online banking information, such as user names and
purchase it once scanning is completed. If users decide to purchase the rogue product, users are directed to a certain website asking for sensitive information, such as credit card numbers. Arrival Details
glance the e-mail looks like a legitimate notification, notifying that the user's personal tax return has been rejected and that they should open the attached archive for more details. Upon further
This Trojan comes from a malware family that employs evasion tactics such as checking if it is running in a virtual environment. This malware is linked to the FlashPack exploit kit. To get a
message box about a graphic card error (Note: %ProgramData% is the Program Data folder, where it usually is C:\Program Files in Windows 2000, Windows Server 2003, and Windows XP (32- and 64-bit); C:
This spammed message is used to attract users to buy designer watch replicas from a commercial site now blocked by Trend Micro. It describes the watch features and says that Trend Micro now detects
This is a detection from the Trend Micro Predictive Machine Learning mechanism. It uses advanced machine learning technology to correlate threat information and perform in-depth analysis to detect
URL(s) to send and receive commands from a remote malicious user: {BLOCKED}.{BLOCKED}.210.49 Other Details This backdoor connects to the following URL(s) to check for an Internet connection: