Search
Keyword: JS_XORBAT.B
This Trojan may be hosted on a website and run when a user accesses the said website. It takes advantage of software vulnerabilities to allow a remote user or malware/grayware to download files. As
RUSTOCK malware are mostly backdoors, Trojans, and rootkits that have been downloaded by other malware such as BREDOLAB and VIRUX . This arrival routine was observed in website compromises seen in
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies Internet Explorer security settings. This
This Trojan opens a certain registry key. It then queries the data under a specific value for the subkeys under a certain key. For the paths that it finds, it will append a certain line. It will then
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan may be hosted on a website and run when a user accesses the said website. It executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the
This spyware attempts to steal information, such as user names and passwords, used when logging into certain banking or finance-related websites. Arrival Details This spyware may be downloaded from
This spyware is injected into all running processes to remain memory resident. It attempts to steal information, such as user names and passwords, used when logging into certain banking or
This spyware may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It creates folders where it drops its files. It modifies the Internet
This spyware may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It creates folders where it drops its files. It may be injected into
This spyware attempts to steal information, such as user names and passwords, used when logging into certain banking or finance-related websites. Arrival Details This spyware may be unknowingly
This spyware attempts to steal sensitive online banking information, such as user names and passwords. This routine risks the exposure of the user's account information, which may then lead to the
Other Details Based on analysis of the codes, it has the following capabilities: The malware decodes a Base-64 encoded text in the host HTML file, then executes the decoded text.
This Trojan connects to certain websites to send and receive information. Other Details This Trojan connects to the following website to send and receive information: http://www.{BLOCKED}onega.com
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be downloaded from remote sites by other
name Other Details This Trojan encrypts files with the following extensions: wb2 psd p7c p7b p12 pfx pem crt cer der pl py lua css js asp php incpas asm hpp h cpp c 7z zip rar drf blend apj 3ds dwg sda
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a