Search
Keyword: HTML_SOHANAD
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
Profile%\HTML Help\HTML Help.exe %User Profile%\Media Index\Media Index.exe %User Profile%\Media Player\Media Player.exe %User Profile%\Network\Network.exe %User Profile%\User Account Pictures\User Account
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This Trojan may arrive bundled with malware packages as a malware component. Arrival Details This Trojan may arrive bundled with malware packages as a malware component. Dropping Routine This Trojan
\RÊCYCLÊR %User Profile%\Microsoft\HTML Help (Note: %System Root% is the root folder, which is usually C:\. It is also where the operating system is located.. %User Profile% is the current user's profile
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Installation This Trojan creates the following folders: %User Profile%\Microsoft\HTML Help (Note:
following file extensions: asp htm html It then appends an iframe to these files that redirects users to http://{BLOCKED}g08.com/down/htmmm/mm.Htm . Infected files are detected as HTML_IFRAME.QT. It also
FindFirstFileW FindNextFileW RegEnumValueA RegEnumValueW It hooks the following API calls to search for network traffic for a predetermined HTML elements: InternetCloseHandle InternetQueryDataAvailable
This Trojan may be hosted on a website and run when a user accesses the said website. It requires its main component to successfully perform its intended routine. Arrival Details This Trojan may be
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file
This malware steals information that can compromise the user's online credentials and accounts. It also uses the Skype messenger application to distribute various threats, including ransomware,
This Trojan attempts to steal sensitive online banking information, such as user names and passwords. This routine risks the exposure of the user's account information, which may then lead to the
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes then deletes itself afterward. It modifies
into HTML files Join an IRC channel Log in to FTP sites Perform Slowloris, UDP, and SYN flooding Run Reverse Socks4 proxy server Send MSN Messenger messages Steal login credentials Update itself Visit a
Web page, this HTML script launches a hidden IFRAME that connects to a malicious URL. It redirects browsers to certain sites. Arrival Details This Trojan may be hosted on a website and run when a user
This Trojan may be dropped by other malware. It does not have any propagation routine. It does not have any backdoor routine. When users agree to buy the software, it connects to a certain URL. It