Keyword: JS_XORBAT.A
Description Name: Possible DLOADER - HTTP (Request) - Variant 4. This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Point of Entry. This also indicates a malware infection. Below are some indicators ...
Description Name: Possible DLOADER - HTTP (Request) - Variant 6. This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Point of Entry. This also indicates a malware infection. Below are some indicators ...
This Trojan arrives as attachment to mass-mailed email messages. It enables its automatic execution at every system startup by dropping copies of itself into the Windows Common Startup folder.
This Trojan is used to load and execute a file. Arrival Details This Trojan may be downloaded from the following remote sites: http://{BLOCKED}9.{BLOCKED}8.107.129/yy.html http://{BLOCKED}9.{BLOCKED
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It executes the downloaded files. As a result, malicious routines of the downloaded files
deletes shadow copies by executing the following command: vssadmin.exe Delete Shadows /Quiet /All It requires a specific parameter in order to perform its intended routine: "%System%\rundll32.exe" "{Malware
encrypted files using the following names: {unique ID per victim}-{identifier}.zzzzz It does the following: It requires a specific parameter in order to perform its intended routine: "%System%\rundll32.exe" "
TROJ_DLDR.HB connects to this URL to download a file and saves it as %System%\logda.dat. This malware is involved in the cyber attacks that targeted specific users in South Korea during March of
JS_DLOADER.SMGA may be downloaded from this site. JS_DLOADER.SMGA exploits the CVE-2012-1875 vulnerability in Internet Explorer.
This Trojan takes advantage of the following software vulnerability to drop malicious files: Adobe and Acrobat .PDF Vulnerability This Trojan arrives as an attachment to email messages spammed by
This Trojan may be dropped by other malware. It executes the files it drops, prompting the affected system to exhibit the malicious routines they contain. Arrival Details This Trojan may be dropped
Other System Modifications It adds the following registry keys: a b=c (Note: The default value data of the said registry entry is d .)
Other Details This Trojan does the following: This is Trend Micro's detection for scripts that contain malicious JavaScript code. The said JavaScript calls other malicious scripts hosted in the
Trojans or Trojan horse programs refer to a family of malware that carry payloads or other malicious actions that can range from the mildly annoying to the irreparably destructive. They can also
Other Details This Trojan is a zero-day exploit for the following vulnerability: Adobe Reader and Adobe Acrobat
Other Details Based on analysis of the codes, it has the following capabilities: The malware decodes a Base-64 encoded text in the host HTML file, then executes the decoded text.
Other Details Based on analysis of the codes, it has the following capabilities: This specially crafted PDF file contains an embedded JavaScript that takes advantage of a vulnerability in Adobe
following: Once the user clicks the link in the PDF, the user is redirected to the said site, where the archive "Scanned-device-name-QTS9611RMCKSBO.zip" is downloaded. The said archive file contains a
Trojans or Trojan horse programs refer to a family of malware that carry payloads or other malicious actions that can range from the mildly annoying to the irreparably destructive. They can also
remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to use of mutable strings in the js_StringReplaceHelper