Search
Keyword: js
extension}x - JS script detected as Worm.JS.DLOADR.AA It adds the following processes: WScript /e:JScript "{Malware Path}\{Malware Name and Extension}x" Other Details This Trojan does the following: The
Application creates the following folders: %User Temp%\DLG\ui\common\last\img %User Temp%\DLG\ui\offers %User Temp%\DLG\ui\offers\6feea63b754e32b1559652e5f9285c52\js %User Temp%\DLG\ui\common\last\js %User Temp
Application creates the following folders: %User Temp%\DLG\loadingImage %User Temp%\DLG\ui\common\last\img %User Temp%\DLG\ui\offers %User Temp%\DLG\ui\common\base\js %User Temp%\DLG\ui\common\progress\img
Temp%\DLG\ui %User Temp%\DLG\dlgres %User Temp%\DLG\ui\common\base\css %User Temp%\DLG\ui\common\progress\js %User Temp%\DLG\ui\offers\4bee1563f288b8178b768f312db4c273 %System Root%\Users %User Temp%\DLG
\1522ef138ba104249c3934a80811f825\img %User Temp%\DLG\ui\offers\1522ef138ba104249c3934a80811f825\js %User Temp%\DLG\initWindow %User Temp%\DLG\ui\common\base\js %User Temp%\DLG\ui\common\last\img %System Root%\Users %User Temp%\DLG
Application creates the following folders: %User Temp%\DLG\ui\common\base %User Temp%\DLG\ui\offers\4bee1563f288b8178b768f312db4c273\js %User Temp%\DLG\ui\common\progress\js %User Temp%\DLG\ui\common\progress
{930F4D28-FA09-43D5-AB3C-E04429888585} %User Temp%\~zm_{930F4D28-FA09-43D5-AB3C-E04429888585}\css %User Temp%\~zm_{930F4D28-FA09-43D5-AB3C-E04429888585}\images %User Temp%\~zm_{930F4D28-FA09-43D5-AB3C-E04429888585}\js (Note: %User Temp%
%Program Files%\leyoubox\Cache\box_new\item_wl.html %Program Files%\leyoubox\Cache\box_new\item_wy.html %Program Files%\leyoubox\Cache\box_new\js\box2.js %Program Files%\leyoubox\Cache\box_new\js
is the Trend Micro detection for: Microsoft Word documents that has embedded malicious JS file detected as: JS_DLOADR.GTLZ NOTES: It displays the following to trick the user in clicking the embedded JS
is the Trend Micro detection for: Microsoft Word documents that has embedded malicious JS file detected as: JS_NEMUCOD.NZU NOTES: This Trojan displays the following to trick the user in clicking the
{B3E47B04-71C9-4887-978A-C7B73D705D72} %User Temp%\~zm_{B3E47B04-71C9-4887-978A-C7B73D705D72}\css %User Temp%\~zm_{B3E47B04-71C9-4887-978A-C7B73D705D72}\images %User Temp%\~zm_{B3E47B04-71C9-4887-978A-C7B73D705D72}\js (Note: %User Temp%
Application creates the following folders: %User Temp%\DLG\ui\common\base\js %User Temp%\DLG\ui\common\last %User Temp%\DLG\ui\common\last\css %User Temp%\DLG\ui\common\base\css %User Temp%\DLG\ui %User Temp%
Application creates the following folders: %User Temp%\DLG\ui\offers\1522ef138ba104249c3934a80811f825\css %User Temp%\DLG\initWindow %User Temp%\DLG\ui\common\last\js %User Profile%\AppData %User Temp%\DLG\ui
Application creates the following folders: %User Temp%\DLG\loadingImage %User Temp%\DLG\ui\common\last %System Root%\Users %User Temp%\DLG\ui\common\base\js %User Temp%\DLG\ui\offers
%User Temp%\DLG\ui\common\base %User Temp%\DLG\ui\common\base\css %User Temp%\DLG\ui\common\progress\css %User Temp%\DLG\ui\common\last\js %User Temp%\DLG\ui\offers\fd286b8d7f971e3468eba12c41b59383
\common\progress %User Temp%\DLG\ui\offers\e7897d55b76a861e21cb37580d296be2\js %User Profile%\AppData %User Temp%\DLG\ui\common\last\js %User Temp%\DLG\ui\common\last\css %User Temp%\DLG\ui\common\base\js
Application creates the following folders: %User Temp%\DLG\initWindow %User Temp%\DLG\ui\common\last\js %User Profile%\AppData %User Temp%\DLG\ui\offers\261dd182d36861fec9a217cc812a9f9a\css %User Temp%\DLG\ui
Temp%\DLG\ui %User Temp%\DLG\dlgres %User Temp%\DLG\ui\common\base\css %User Temp%\DLG\ui\common\progress\js %User Temp%\DLG\ui\offers\4bee1563f288b8178b768f312db4c273 %System Root%\Users %User Temp%\DLG
Application creates the following folders: %User Temp%\DLG\ui\common\progress\img %User Temp%\DLG\ui\common\progress\css %User Temp%\DLG\ui %User Profile%\AppData %User Temp%\DLG\ui\common\base\js %User Temp%
Application creates the following folders: %User Temp%\DLG\loadingImage %User Temp%\DLG\ui\common\last\css %User Temp%\DLG\ui\common\progress\js %User Temp%\DLG\ui\common\progress\img %User Temp%\DLG %User Temp