Search
Keyword: troj_crypctb
This Trojan may be downloaded by other malware/grayware/spyware from remote sites. It may be unknowingly downloaded by a user while visiting malicious websites. Arrival Details This Trojan may be
This Trojan deletes itself after execution. Installation This Trojan drops the following copies of itself into the affected system: %User Temp%\AcroRD32.exe (Note: %User Temp% is the current user's
This Trojan takes advantage of the following vulnerability: RTF Stack Buffer Overflow vulnerability More information about this vulnerability can be found in the following Web page: Microsoft
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It connects to certain websites to send and receive information. It
This Trojan executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system. It deletes itself after execution. Installation This Trojan drops
This Trojan may be unknowingly downloaded by a user while visiting malicious websites. This file contains a URL where it connects to possibly download other files. It deletes itself after execution.
This Trojan connects to the certain URL(s) to download its component file(s). Installation This Trojan injects threads into the following normal process(es): Explorer.exe Autostart Technique This
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It executes the downloaded files. As a result, malicious routines of the downloaded files
Installation This Trojan drops the following component file(s): %Startup%\ .jse %Windows%\Survival_0.txt (Note: %Windows% is the Windows folder, which is usually C:\Windows or C:\WINNT.) Autostart
This Trojan may arrive as a file that exports functions used by other malware. It arrives as a component bundled with malware/grayware packages. However, as of this writing, the said sites are
This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. However, as of this writing, the said sites are inaccessible. It executes
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the downloaded files. As a result, malicious
Installation This Trojan drops the following files: %User Temp%\RarSFX4\d.7z %User Temp%\RarSFX4\7za.exe %User Temp%\RarSFX4\explorer.exe %User Temp%\RarSFX4\nircmdc.exe (Note: %User Temp% is the
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes downloaded files whose malicious routines
This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. Arrival Details This Trojan may be dropped by other malware. It may be
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It arrives as a component bundled with malware/grayware
This Trojan deletes itself after execution. Installation This Trojan drops the following files: %System%\ismserv.dll - non-malicious file (Note: %System% is the Windows system folder, which is
Autostart Technique This Trojan adds the following registry entries to enable its automatic execution at every system startup: HKEY_CLASSES_ROOT\CLSID\{AFD4AD01-58C1-47DB-A404-FBE00A6C5486}
It is a fake system diagnostic tool that tricks users into thinking that it is a legitimate program capable of searching for errors and issues on the affected system. Upon execution, it displays a