Search
Keyword: URL
This malicious URL is related to the series of attacks leveraging news about Osama bin Laden's death.
This URL is related to the bogus "Free Starbucks Coffee” Facebook page leading users to several redirections.
This is related to ANDROIDOS_PLANKTON.A. The malware connects to this URL in order to listen for commands.
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. This file contains a URL where it connects to possibly
This Trojan connects to the following possibly malicious URL when it is executed without command-line parameters: http://{BLOCKED}2.{BLOCKED}8.1.3:8000/compose.asp?s=2CD63D6C4AE1678418BE4823 When it
This Trojan downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the parameter passed on to it by its components. This Trojan arrives
This Trojan may be hosted on a website and run when a user accesses the said website. This file contains a URL where it connects to possibly download other files. Arrival Details This Trojan may be
following commands from a remote malicious user: Connect to a URL or website passed on to it as a parameter by its main component Download other possibly malicious files Execute the downloaded file Collect
This Trojan is a configuration file dropped by variants of WORM_QAKBOT malware. It contains the following information: URL where it can download an updated copy of its configuration file. FTP and IRC
This Trojan may gather system information. It may connect to a URL to send and recieve information from a remote user and to inform the remote user of an infection. It may also do this to download
Routine This Trojan takes advantage of the following software vulnerabilities to download possibly malicious files: CVE-2012-4681 It downloads a possibly malicious file from a certain URL. The URL where
password: Sends the gathered credentials to the following URL via HTTPS POST: https://{BLOCKED}s.ca/wp-admin/cat.php Connects to the following URL to display the fake site: http://icons.{BLOCKED
shorten URL which redirects to: https://{BLOCKED}s1479.page.link/7CSy https://bit.ly/3GtaxPN shorten URL which redirects to: https://hotgrls1479.page.link/7CSy --> It does not exploit any vulnerability.
Premier login page It connects to the following URL to display the webpage's background image (tracked as non-malicious)
Other Details This Trojan does the following: It disguises itself as a login page to view Excel Sheet. Upon siging in, it connects to the following URL to display fake error image: https://www.{BLOCKED
The domain is exploited using a malicious script. Visiting the said URL may cause execution of malicious content.
This malicious URL is related to the Osama bin Laden death video web attacks and the detection TROJ_DELF.COJ.
JS_AGENT.SMJ is downloaded onto the affected system from this URL when a user previews a specially crafted email.
TROJ_FAKEAV.WKA connects to this URL should the user choose to purchase the full version of the rogue product.
The malware TROJ_MONDER.RON connects to this URL to download additional files. The downloaded files are also detected as TROJ_MONDER.RON.