Search
Keyword: usojan.ps1.powload.jkp
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
Server 2012.) Autostart Technique The scheduled task executes the malware every: 1 minute Other System Modifications This Ransomware adds the following registry entries: HKEY_CURRENT_USER\Software\Other
This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be manually installed
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain websites to send and receive
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops files as ransom note. Arrival Details This
\Software\zHwPYYWRMf idle = 1 It sets the system's desktop wallpaper to the following image: Other Details This Ransomware does the following: It executes the following command to drop a copy of itself:
This Ransomware may be downloaded by other malware/grayware from remote sites. It connects to certain websites to send and receive information. It encrypts files with specific file extensions. It
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It is capable of encrypting files in the affected
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. It encrypts files
the following registry keys: HKEY_CURRENT_USER\Software\3rd Eye Solutions HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Explorer\ SessionInfo\1\WHCIconStartup HKEY_CURRENT_USER\Software
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain websites to send and receive
\SystemRestore DisableSR = "1" (Note: The default value data of the said registry entry is 0 .) Propagation This Trojan does not have any propagation routine. Backdoor Routine This Trojan does not have any
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies the Internet Explorer Zone Settings. It
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. It encrypts files
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain websites to send and receive
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Ransomware arrives on a system
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. It drops files as
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. It drops files as
This ransomware speaks, apart from dropping ransom notes. It determines the location (country) of the computer it infects, and avoids infecting computers found in certain countries. This Trojan
This ransomware, also known as R980 ransomware, resembles some aspects of RANSOM_MADLOCKER as it drops files other than ransom notes. It also avoids certain file paths. It asks its victims to pay .5