Search
Keyword: HTML_SOHANAD
This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. However, as of this writing, the said sites are inaccessible. Arrival
This Trojan takes advantage of software vulnerabilities to allow a remote user or malware/grayware to download files. Download Routine This Trojan takes advantage of the following software
This spyware attempts to steal sensitive online banking information, such as user names and passwords. This routine risks the exposure of the user's account information, which may then lead to the
This spyware attempts to steal information, such as user names and passwords, used when logging into certain banking or finance-related websites. Arrival Details This spyware may be unknowingly
This spyware attempts to steal information, such as user names and passwords, used when logging into certain banking or finance-related websites. Infection Points This spyware arrives as a file
Once users access any of the monitored sites, it starts logging keystrokes. It attempts to steal information, such as user names and passwords, used when logging into certain banking or
This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. However, as of this writing, the said sites are inaccessible. Arrival
This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It executes the dropped file(s). As a result, malicious routines of the
Installation This Trojan drops the following copies of itself into the affected system and executes them: %User Profile%\cisvc.exe (Note: %User Profile% is the current user's profile folder, which is
This Trojan deletes itself after execution. Installation This Trojan drops the following copies of itself into the affected system: %system%\{random filename}.exe It adds the following mutexes to
This spyware attempts to steal sensitive online banking information, such as user names and passwords. This routine risks the exposure of the user's account information, which may then lead to the
This spyware attempts to steal information, such as user names and passwords, used when logging into certain banking or finance-related websites. Arrival Details This spyware may be unknowingly
This Trojan redirects browsers to certain sites. Other Details This Trojan redirects browsers to the following sites: http://{BLOCKED}senfoppen.nl/1.html
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. However, as of this writing, the said sites are inaccessible. Arrival Details This Trojan
This Trojan executes when a user accesses certain websites where it is hosted. It redirects browsers to certain sites. However, as of this writing, the said sites are inaccessible. Arrival Details
Trend Micro has flagged this JavaScript as noteworthy due to the increased potential for damage, propagation, or both, that it possesses. Specifically, it exploits the recently discovered Java
However, as of this writing, the said sites are inaccessible. It inserts an IFRAME tag that redirects users to certain URLs. Arrival Details However, as of this writing, the said sites are
This Trojan may be hosted on a website and run when a user accesses the said website. It inserts an IFRAME tag that redirects users to certain URLs. Arrival Details This Trojan may be hosted on a
This Trojan may be hosted on a website and run when a user accesses the said website. As of this writing, the said sites are inaccessible. Once a compromised site is visited, the user is redirected
Other Details Based on analysis of the codes, it has the following capabilities: Upon execution, it accesses the URL http://{BLOCKED}e.net/.go/check.html . The said URL may redirect to the following