Search
Keyword: Coinminer_MALXMR.SMGH2-ELF64
{2329B0B1-00B8-459B-9F68-66831E4FFF47}_is1 MajorVersion = "11" HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ Microsoft\Windows\CurrentVersion\ Uninstall\{2329B0B1-00B8-459B-9F68-66831E4FFF47}_is1 MinorVersion = "2" HKEY_LOCAL_MACHINE
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This spyware arrives on a system as a
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This spyware arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
System Modifications This Trojan adds the following registry keys: HKEY_CURRENT_USER\Software\{UID} It adds the following registry entries: HKEY_CURRENT_USER\Software\{UID} {random 2 characters} = "{RSA
System Modifications This Trojan adds the following registry keys: HKEY_CURRENT_USER\Software\{UID} It adds the following registry entries: HKEY_CURRENT_USER\Software\{UID} {random 2 characters} = "{RSA
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes the initially executed copy of itself.
key} It adds the following registry entries: HKEY_CURRENT_USER\Software\{UID} {random 2 characters} = "{RSA PUBLIC KEY}" HKEY_CURRENT_USER\Software\{UID} {random 2 characters} = "{contents of
registry entries: HKEY_CURRENT_USER\Software\{UID} {random 2 characters} = "{RSA PUBLIC KEY} " HKEY_CURRENT_USER\Software\{UID} {random 2 characters} = "{contents of HELP_DECRYPT.TXT}" HKEY_CURRENT_USER
An exploit leveraging CVE-2013-2729 vulnerability leads to the download of this DYREZA malware. This malware is notable for its capability to steal banking and bitcoin information. To get a
HKEY_CURRENT_USER\Software\{UID} It adds the following registry entries: HKEY_CURRENT_USER\Software\{UID} {random 2 characters} = "{RSA PUBLIC KEY} " HKEY_CURRENT_USER\Software\{UID} {random 2 characters} = "
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies the Internet Explorer Zone Settings. It
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies the Internet Explorer Zone Settings. It
System Modifications This Trojan adds the following registry keys: HKEY_CURRENT_USER\Software\{UID} It adds the following registry entries: HKEY_CURRENT_USER\Software\{UID} {random 2 characters} = "{RSA
{random 2 characters} = "{RSA PUBLIC KEY} " HKEY_CURRENT_USER\Software\{UID} {random 2 characters} = "{contents of HELP_DECRYPT.TXT}" HKEY_CURRENT_USER\Software\{UID} {random 2 characters} = "{contents of
" HKEY_CURRENT_USER\Software\Cydoor ConnType = "2" HKEY_LOCAL_MACHINE\SOFTWARE\Cydoor AdwrCnt = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Cydoor %Program Files%\2VG\FTetris\tetris.exe = "{numbers}" HKEY_CURRENT_USER\Software
{random 2 characters} = "{RSA PUBLIC KEY} " HKEY_CURRENT_USER\Software\{UID} {random 2 characters} = "{contents of HELP_DECRYPT.TXT}" HKEY_CURRENT_USER\Software\{UID} {random 2 characters} = "{contents of
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any propagation routine. It does not
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies the Internet Explorer Zone Settings. It