Search
Keyword: URL
unsuccessful, will download from the following URL instead: URL2: https://{BLOCKED}icavirtual.org/wp-content/out/lim.php URL1: https://{BLOCKED}o.us/wp-content/out/lim.php If unsuccessful, will download from the
OS architecture Domain Username Date Other Details This Trojan does the following: If Administrator role: It connects to the following URL to download component loaded in its memory: http://cdn.
}p.ru/pro/project/index.php http://www.{BLOCKED}p.ru/pro/project/index2.php Other Details Based on analysis of the codes, it has the following capabilities: It accesses the following URL to POST information about the affected
{hash} http://{BLOCKED}egta.su//b/{eve|opt|letr}/{hash} Information Theft This spyware s configuration file contains the following information: Search URL (referrer url) Update URL (new C&C) Click URL
{hash} http://{BLOCKED}egta.su//b/{eve|opt|letr}/{hash} Information Theft This spyware s configuration file contains the following information: Search URL (referrer url) Update URL (new C&C) Click URL
legitimate UPS website to trick them into clicking the malicious URL that starts the infection chain. When users executed the backdoor, it steals stored information found in certain FTP clients and email
local computer names, user names, and IP addresses and of retrieving a file from a remote URL without the users' knowledge.
site. Users can easily spot the phishing site if they see the site URL is something else other than https://online.dubaifirst.com/ . To avoid becoming victims of phishing scams, Trend Micro advises users
This backdoor connects to a certain URL to send and receive commands from a remote malicious user. It gathers certain information and sends the gathered information via HTTP POST to a specific URL.
below: CVE-2012-0507 NOTES: It downloads from the URL specified in the parameter b that the web page hosting the virus provides and executes the downloaded file. As a result, malicious routines of the
Server 2003.) NOTES: This is a Java class file that is used to execute an exploit code. Once successful, it may download a possibly malicious file from a certain URL. The URL where this malware downloads
executes the dropped component file. The dropped component file downloads a file from a URL specified in the encrypted parameter,. p . The downloaded file is saved as %User Temp%\{random number}.exe , and is
intended routine. NOTES: This is a malicious Java archive file (.JAR), which attempts to download and execute possibly malicious file from a certain website. The URL where this malware downloads the said
Server 2003.) NOTES: This is a Java class file that is used to execute an exploit code. Once successful, it may download a possibly malicious file from a certain URL. The URL where this malware downloads
Server 2003.) NOTES: This is a Java class file that is used to execute an exploit code. Once successful, it may download a possibly malicious file from a certain URL. The URL where this malware downloads
The URL where this malware downloads the said file depends on the parameter passed on to it by its components. Exploit:Java/CVE-2012-1723.AC (Microsoft), Exploit.Java.CVE-2012-0507.nh (Kaspersky),
component of a malicious Java archive file (.JAR), which is capable of downloading and executing other possibly malicious files from a certain URL. The URL where this malware downloads the said file depends
The URL where this malware downloads the said file depends on the parameter passed on to it by its components. a variant of Java/Exploit.CVE-2012-1723.AJ trojan (Eset)
) NOTES: This Trojan downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the parameter passed on to it by its components. It executes
{BLOCKED}.237.10/Home/index.php to download a possible malicious script. As a result, routines of the downloaded script are also exhibited on the affected system. However, as of this writing, the said URL is