Search
Keyword: URL
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. This file contains a URL where it connects to possibly
data. NOTES: It may connect to a remote URL to download its configuration file. The said file contains information where the malware can download an updated copy of itself, and where to send its stolen
the following websites to download files: http://www.{BLOCKED}ayu.com.my/images/history5.jpg - list containing the URL http://www.{BLOCKED}sshoes.jp/contents/images/spacer5.gif http://www.{BLOCKED
VeltorCoin, Permuted x11, X11, X13, X14, X15, X17, ZR5] -o, --url=URL URL of mining server -O, --userpass=U:P username:password pair for mining server -u, --user=USERNAME username for mining server -p, --pass
\ Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} DisplayName = "???" HKEY_CURRENT_USER\Software\Microsoft\ Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It downloads a file from a certain URL then renames it
cPanel email address Reset cPanel Password Download and drop tools Create email account Download Routine This Backdoor downloads the file from the following URL and renames the file when stored in the
the message, including one that promoted free movies. Another sample purportedly provided a link to a .PDF file. Checking the said URLs, however, revealed that both versions of the embedded URL led to
This backdoor connects to a certain URL to send and receive commands from a remote malicious user. It is capable of executing the certain backdoor commands. It also performs a HTTP POST request.
executes the following commands from a remote malicious user: Download Files Remove Itself Send message to the affected system Get Operating System Information Execute Files Open a specific URL with Internet
Environment component to connect to a website and download possibly malicious files. The URL where this Trojan connects depends on the parameter passed on to it by its components. It does not have a rootkit
generates a psuedorandom string to be used for the domain name of the URL it connects to. It does not have rootkit capabilities. It does not exploit any vulnerability. Trojan:JS/BlacoleRef.W (Microsoft),
This Trojan connects to a malicious URL through via 443 to send information such as computer name, user name, IP address, and subnet mask among others. However, as of this writing, the said site is
browser helper objects (BHOs). BHOs are commonly used by adware. With this, users may experience unwanted pop-up advertisements and URL redirections. This backdoor executes commands from a remote malicious
browser helper objects (BHOs). BHOs are commonly used by adware. With this, users may experience unwanted pop-up advertisements and URL redirections. This backdoor executes commands from a remote malicious
The URL where this malware downloads the said file depends on the following parameter(s) passed on to it by its components: igAGgYDI lKnm jkfcQz Other Details This Trojan requires its main component to
downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the following parameter(s) passed on to it by its components: val prime Other Details This
result, malicious routines of the downloaded files are exhibited on the affected system. NOTES: This malware connects to the following URL http://{BLOCKED}.{BLOCKED}.49.18/img?k=316serena123456aaaac&v=1 to
This Trojan may arrive bundled with malware packages as a malware component. It may be hosted on a website and run when a user accesses the said website. It downloads a file from a certain URL then
\Local Settings\Temp on Windows 2000, XP, and Server 2003, or C:\Users\{user name}\AppData\Local\Temp on Windows Vista and 7.) It downloads a possibly malicious file from a certain URL. The URL where this