Search
Keyword: URL
files. As a result, malicious routines of the downloaded files are exhibited on the affected system. It downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said
download its configuration file: http://{BLOCKED}n.com/jck/cfg.bin Its configuration file contains the following information: List of strings it will monitor usually related to banking URL to send stolen
from a certain URL. The URL where this malware downloads the said file depends on the parameter passed on to it by its components. Other Details This Trojan executes the downloaded file using the
TROJ64_INSTOL.USR passes the encrypted URL to this DLL component. This DLL component has only one export function named ExportFunc which is repeatedly executed. Dropped by other malware, Downloaded from the Internet,
arbitrary file [UDP] - Starts UDP Flooding [OpenURL] - Opens a URL using a hidden browser [SYN] Sends a SYN Flood [Get] Sends GET floods [Post] Sends POST floods Other Details This backdoor uses the following
result, malicious routines of the downloaded files are exhibited on the affected system. It downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends
then executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system. It downloads a possibly malicious file from a certain URL. The URL where
{Malware Path and Filename}" Backdoor Routine This backdoor executes the following commands from a remote malicious user: udp: Start UDP flood syn: Send SYN flood exec: Perform remote shell openurl: Open URL
files. As a result, malicious routines of the downloaded files are exhibited on the affected system. It downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said
\Documents and Settings\{user name} on Windows 2000, XP, and Server 2003, or C:\Users\{user name} on Windows Vista and 7.) It downloads a possibly malicious file from a certain URL. The URL where this malware
HKEY_CURRENT_USER\Software\Microsoft\ Internet Explorer\Main TabProcGrowth = "0" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\URL SystemMgr = "Del" Other Details This Trojan connects to the following
Bulletin APSB08-13 Adobe Security Bulletin APSB08-19 Adobe Security Bulletin APSB09-04 Adobe Security Advisory APSA09-07 NOTES: If the URL is still accessible, it downloads a file and executes the following
file and modifies it so that it runs the malware on system startup The patched driver is detected by Trend Micro as PE_TDSS.A. Encrypts the data and passes the information as parameter to the server URL
{BLOCKED}l.net/img/pt.png http://{BLOCKED}l.net/img/fr.jpg It saves the files it downloads using the following names: %System Root%\jamesdat.exe - detected as TROJ_AGENT.AUCU %System%\igfxtrai.exe - URL
URL in which an updated copy or another malware can be downloaded. It saves this information to the following registry entry: HKEY_CLASSES_ROOT\idid url{number} = "{hex data}"
downloads a file from a certain URL then renames it before storing it in the affected system. Installation This worm drops the following copies of itself into the affected system: %system%\36D0F1\2ADE6B.EXE
connects to the following possibly malicious URL: {BLOCKED}.{BLOCKED}.185.211 NOTES: It may connect to the non-malicious URL http://www.msn.com/ . This Trojan connects to seemingly non-malicious URLs that
file from a certain URL. The URL where this malware downloads the said file depends on the following parameter(s) passed on to it by its components: calf manu Other Details This Trojan requires its main
downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the following parameter(s) passed on to it by its components: size Exploit-FKJ
URL. The URL where this malware downloads the said file depends on the parameter passed on to it by its components. Information Theft This Trojan does not have any information-stealing capability. Other