Search
Keyword: troj_crypctb
It opens TCP port 33440 and creates a completion port so that whenever a user tries to connect to any website, the request to that website will be intercepted and redirected to the proxy server on
This Trojan deletes itself after execution. Installation This Trojan drops the following copies of itself into the affected system: %Application Data%\{random numbers}.exe (Note: %Application Data%
This Trojan may be downloaded by other malware/grayware/spyware from remote sites. It may be unknowingly downloaded by a user while visiting malicious websites. It installs a fake
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies the user's Internet Explorer home page into
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. However, as of this writing, the said sites are
This Trojan deletes itself after execution. Installation This Trojan drops the following copies of itself into the affected system: C:\Documents and Settings\All Users\Application Data\{random folder
This Trojan deletes itself after execution. Installation This Trojan drops the following copies of itself into the affected system: %Application Data%\{random folder name}\{random file name}.exe
This Trojan may be dropped by other malware. Arrival Details This Trojan may be dropped by the following malware: BKDR_GIBON.SMA Other System Modifications This Trojan adds the following registry
This is a component of a malicious Java archive file (.JAR). When executed, it may connect to remote sites to download possibly malicious files. However, it requires other components in order to run
Other Details Based on analysis of the codes, it has the following capabilities: It is a component of a malicious Java archive file (.JAR) that may be dropped or downloaded by other malware. It may
Arrival Details This Trojan may be downloaded from the following remote sites: http://{BLOCKED}t.com/sw/mssaezv/etsg.jar Download Routine This Trojan takes advantage of the following software
This Trojan may be dropped by other malware. It arrives as a component bundled with malware/grayware packages. Arrival Details This Trojan may be dropped by other malware. It arrives as a component
This Trojan has received attention from independent media sources and/or other security firms. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram shown
This Trojan may be dropped by other malware. It connects to certain URLs. It may do this to remotely inform a malicious user of its installation. It may also do this to download possibly malicious
Installation This Trojan drops and executes the following files: %System%\yise.ero - detected as TROJ_DLOADR.SMVE (Note: %System% is the Windows system folder, which is usually C:\Windows\System on
This Trojan may be dropped by other malware. Arrival Details This Trojan may be dropped by other malware. NOTES: It enables the automatic execution of its component malware every time the physical
This Trojan may be dropped by other malware. It is a component of other malware. It may be injected into processes running in memory. It requires its main component to successfully perform its
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the dropped file(s). As a result, malicious
This Trojan may arrive bundled with malware packages as a malware component. It may be downloaded by other malware/grayware/spyware from remote sites. It is a specially crafted PDF file which when