Search
Keyword: URL
the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system. It downloads a possibly malicious file from a certain URL. The URL where this malware
then executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system. It downloads a possibly malicious file from a certain URL. The URL where
then executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system. It downloads a possibly malicious file from a certain URL. The URL where
URL. The URL where this malware downloads the said file depends on the following parameter(s) passed on to it by its components: t ur0l0 Java/Exploit.CVE-2013-0422.CK trojan
File Name of TROJ64_INJECT.USR string 2 = encrypted URL It registers itself as a service to enable automatic execution on startup: {Malware File Name} Downloaded from the Internet, Dropped by other
properly suppress a script's URL in certain circumstances involving a redirect and an error message, which allows remote attackers to obtain sensitive information about script parameters via a crafted HTML
following software vulnerabilities to download possibly malicious files: re.exe It downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the
command get local php configuration file get local list of files Information Theft This backdoor accepts the following parameters: URL to send and receive information directory for downloaded file It
the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system. It downloads a possibly malicious file from a certain URL. The URL where this malware
downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the parameter passed on to it by its components. Information Theft This Trojan does not
of the downloaded files are exhibited on the affected system. It downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the parameter
file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Download Routine This Trojan downloads the file from the following URL and renames the file when
the file from the following URL and renames the file when stored in the affected system: http://{BLOCKED}ngroup.com/papifrnd.exe It takes advantage of the following software vulnerabilities to download
sequence of specially crafted Internet Control Message Protocol (ICMP) messages to a target system or sends a specially crafted URL request to a server that is serving Web content and has the URL-based
like citing current events such as the Covid-19 pandemic to grab the receiver’s attention. The download URL structure, technique used, and macro code is similar to that of a campaign that delivers
file from the following URL and renames the file when stored in the affected system: http:/{BLOCKED}.{BLOCKED}.218.107/b2f627/ip_cn.txt (Contains List of IP Addresses) It saves the files it downloads
user to re-enter their credentials It redirects the webpage to the following URL after sending the user credentials the second time: http://www.{Email Domain} It does not exploit any vulnerability.
following: This backdoor connects to the following URL through UDP communication to get and execute arbitrary codes: {BLOCKED}ge.3057441.ns1.microsoftdata.site However, as of this writing, the said sites are
following: This backdoor connects to the following URL through UDP communication to get and execute arbitrary codes: {BLOCKED}ge.3057441.ns1.microsoftdata.site However, as of this writing, the said sites are
!api/2.0/snippets/lulimpishtum/aqqApa/ae9f1bacccbf90b8221f755a259d1cddb270c79b/files/file Other Details This Trojan connects to the following URL(s) to get the affected system's IP address: https://{BLOCKED}ig.me/ip It does the following: It connects to the following URL to get the