Search
Keyword: ransom_cerber2222
6455 Total Search |
Showing Results : 1 - 20
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It uses the Windows Task Scheduler to add a scheduled
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It uses the Windows Task Scheduler to add a scheduled
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It uses the Windows Task Scheduler to add a scheduled
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It uses the Windows Task Scheduler to add a scheduled
This malware is a variant of malware family CERBER discovered late November 2016, and has been found to be sporting routines that seek out database processes in the affected system. This is believed
malicious sites. Installation This Trojan drops the following files: {folders containing encrypted files}\README.hta - Ransom note %User Temp%\{random characters}.bmp - background image %User Temp%\README.hta
information. It encrypts files with specific file extensions. It drops files as ransom note. Arrival Details This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded
This ransomware speaks, apart from dropping ransom notes. It determines the location (country) of the computer it infects, and avoids infecting computers found in certain countries. This Trojan
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes the initially executed copy of itself. It
\music\sample music\ \public\pictures\sample pictures\ \public\videos\sample videos\ \tor browser\ It leaves text files that serve as ransom notes containing the following text: NOTES: It avoids infecting
the following files: %User Temp%\tmp{4 Alpha Numeric Characters}.bmp ← Ransom note wallpaper %User Temp%\{random characters}\{random characters}.tmp (Note: %User Temp% is the user's temporary folder,
malicious sites. Installation This Ransomware drops the following files: {folder of encrypted files}\_README_.hta - ransom note %Desktop%\_README_.hta %User Temp%\tmp{random numbers}.bmp - ransom note
drops files as ransom note. Arrival Details This Ransomware may be downloaded by the following malware/grayware from remote sites: JS_NEMUCOD.PFL Installation This Ransomware drops the following files:
other malware or as a file downloaded unknowingly by users when visiting malicious sites. Installation This Trojan drops the following files: %Desktop%\README.hta - ransom note %User Temp%\{random name
Server 2012.) It drops the following files: C:\enYXval36CenYXval36C\x C:\enYXval36CenYXval36C\enYXval36C.vbs %User Temp%\a.vbs %User Temp%\x %Desktop%\_HELP_HELP_HELP_{random}_.png - ransom note %Desktop%
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. It is capable of
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes the initially executed copy of itself. It is
sites. Installation This Trojan drops the following files: %User Temp%\tmp8D.bmp - background image {folders containing encrypted files}\README.hta - Ransom Note (Note: %User Temp% is the user's temporary
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It may be downloaded by other malware/grayware/spyware from remote sites. It terminates
is capable of encrypting files in the affected system. It drops files as ransom note. Arrival Details This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded