Search
Keyword: HTML_SOHANAD
Installation This Trojan drops the following copies of itself into the affected system: %System%\3361\svchost.exe (Note: %System% is the Windows system folder, which is usually C:\Windows\System on
This Trojan may be unknowingly downloaded by a user while visiting malicious websites. It installs a fake antivirus/antispyware software. It displays fake alerts that warn users of infection. It also
This Trojan is an installer of a rogue antivirus program called Spyware Cleaner 2010 V4.05. It asks the user to purchase the full version of the software. It then connects to a certaijn website where
This Trojan may be unknowingly downloaded by a user while visiting malicious websites. This file contains a URL where it connects to possibly download other files. It deletes itself after execution.
This Trojan may be hosted on a website and run when a user accesses the said website. As of this writing, the said sites are inaccessible. Once a compromised site is visited, the user is redirected
This Trojan redirects browsers to certain sites. Other Details This Trojan redirects browsers to the following sites: http://{BLOCKED}ifeasia.com/index3.html
Other Details Based on analysis of the codes, it has the following capabilities: The malware decodes a Base-64 encoded text in the host HTML file, then executes the decoded text.
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It redirects browsers to certain sites. Arrival Details This Trojan arrives as an
This Trojan may arrive as a file that exports functions used by other malware. It arrives as a component bundled with malware/grayware packages. However, as of this writing, the said sites are
Other Details Based on analysis of the codes, it has the following capabilities: Upon execution, it accesses the URL http://{BLOCKED}e.net/.go/check.html . The said URL may redirect to the following
This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. Arrival Details This Trojan may be dropped by other malware. It may be
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain URLs. It may do this to remotely
This Trojan executes then deletes itself afterward. Installation This Trojan drops the following copies of itself into the affected system: %User Profile%\cisvc.exe (Note: %User Profile% is the
This adware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It displays pop-up advertisements. Arrival Details This
This file infector may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. Arrival Details This file infector may be dropped by other malware.
Propagation As of this writing, there is no available patch for this vulnerability. However, workarounds are provided in: $$DATA$$ Other Details This Trojan is a zero-day exploit for the following
This malware uses social engineering methods to lure users into performing certain actions that may, directly or indirectly, cause malicious routines to be performed. Specifically, it makes use of
It may be downloaded by other malware/grayware/spyware from remote sites. It arrives as an attachment to email messages spammed by other malware/grayware/spyware or malicious users. Arrival Details
It adds registry entries to enable its automatic execution at every system startup. It attempts to steal information, such as user names and passwords, used when logging into certain banking or
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a