Search
Keyword: usojan.ps1.powload.jkp
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Ransomware arrives on a system
Overwrites the following terminal bash command: netstat → lists all ports but hides specified ports, if any ls → lists all files and directores but hides files mentioned above ps → lists all processes but
This Coinminer arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It requires being executed with a specific
This Coinminer arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It requires being executed with a specific
This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes commands from a remote malicious user,
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops files as ransom note. It avoids encrypting
This Worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Worm arrives on a system as a file
\ Wow6432Node\CLSID\{11347ACA-6019-BD37-83C6-A3C16253F96A} NHmoOnuxYPLxe = "k}gwzGP" HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ Licenses {IEE1F7440C4EA354A} = "1\x00\x00\x00" HKEY_LOCAL_MACHINE\SOFTWARE\Classes
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies files, disabling programs and applications
= "fffe" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\Tcpip\Parameters TcpTimedWaitDelay = "1e" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\Tcpip\Parameters StrictTimeWaitSeqCheck = "1
CVE-2008-4609,MS09-048 The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to
This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Backdoor arrives on a system as a
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details
\Yqshjvw HKEY_CURRENT_USER\Software\WinRAR HKEY_CURRENT_USER\Software\Yqshjvw\ 1926745233 It adds the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center UacDisableNotify = "1
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\ODBC\ {random key} ProcessId = "7d" HKEY_LOCAL_MACHINE\SOFTWARE\ODBC\ Brazos volatile counter VolatileDsnCount = "1" HKEY_LOCAL_MACHINE\SOFTWARE\ODBC\ Temporary
adds the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center UacDisableNotify = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center\Svc AntiVirusOverride = "1