Search
Keyword: URL
exhibited on the affected system. It downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the parameter passed on to it by its components.
exhibited on the affected system. It downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the following parameter(s) passed on to it by its
The URL where this malware downloads the said file depends on the parameter passed on to it by its components.
Black Hole Exploit Kit. This Trojan downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the parameter passed on to it by its components.
}.{BLOCKED}.112.81/p.php?f=dd9d6&e=2 by passing an encrypted version of the URL as the parameter uid to JAVA_BLACOLE.ERZ. Exploit:JS/Blacole.GB (Microsoft) Downloaded from the Internet Downloads files
a file from a URL Execute a command via the shell Delete a file Download a file and save it as /tmp/xntaskz.gz . Decompress the downloaded file to /tmp/xntaskz . Execute the following command:
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It downloads a file from a certain URL then renames it
writing, the said sites are inaccessible. NOTES: This backdoor sends the following information to the URL upon connection: Computer Name Current User Name OS Version Volume Information It saves the file it
possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the parameter passed on to it by its components. Information Theft This Trojan does not have any
are exhibited on the affected system. It downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the parameter passed on to it by its
downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the parameter passed on to it by its components. NOTES: The said site (where users can get
delay proxy suspend open URL install unknown (Note: %User Temp% is the current user's Temp folder, which is usually C:\Documents and Settings\{user name}\Local Settings\Temp on Windows 2000, XP, and
from the following URL and renames the file when stored in the affected system: %User Temp%\GSTOUF.exe (Note: %User Temp% is the current user's Temp folder, which is usually C:\Documents and Settings\
files are exhibited on the affected system. It downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the following parameter(s) passed on to
Windows version NOTES: This backdoor uses the following URL as its proxy server to connect to its C&C to avoid detection: https://docs.google.com Dropped by other malware, Downloaded from the Internet
from a certain URL. The URL where this malware downloads the said file depends on the following parameter(s) passed on to it by its components: val prime Other Details This Trojan requires its main
then executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system. It downloads a possibly malicious file from a certain URL. The URL where
Routine This Trojan downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the following parameter(s) passed on to it by its components: a
following file name if it doesn't exist in the %Desktop%: C:/Users/Admoooon/Desktop/TORBrowser.exe It uses the following URL to download the TORBrowser:
Windows Vista, 7, and 8.) Other Details This Trojan does the following: It connects to the following URL to download and execute code in memory: https://{BLOCKED}er.com/image.rar The document contains the