Search
Keyword: JS_XORBAT.A
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It executes the downloaded files. As a result, malicious routines of the downloaded files
This Trojan arrives as attachment to mass-mailed email messages. It executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system.
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It executes the downloaded files. As a result, malicious routines of the downloaded files
This Trojan uses Windows Task Scheduler to create a scheduled task that executes the dropped copy. It connects to certain websites to send and receive information. Arrival Details This Trojan may be
output filter is a piece of code that inspect, and possibly modify, the response of the Apache web server before sending it to the requesting client. It only processes the Web server response if the
by a user while visiting malicious websites. It retrieves specific information from the affected system. Arrival Details This Spyware may be unknowingly downloaded by a user while visiting malicious
This adware may be manually installed by a user. Arrival Details This adware may be manually installed by a user. Installation This adware adds the following folders: %Start Menu%\Programs\The
Description Name: NEMUCOD - HTTP (Request) - Variant 8 . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are some i...
malware/grayware or malicious users. Stolen Information This Trojan sends the gathered information via HTTP POST to the following URL: http://{BLOCKED}.{BLOCKED}.135.49/info/aexp.php NOTES: It displays a fraudulent
This Trojan executes when a user accesses certain websites where it is hosted. It does not have any propagation routine. It does not have any backdoor routine. It requires its main component to
requires a specific argument in order to perform its intended routine (ie. 321, 123, 65, etc). It prevents encrypting files containing any of the strings in its full path name: $Recycle.Bin AppData
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It executes the downloaded files. As a result, malicious routines of the downloaded files
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It executes the downloaded files. As a result, malicious routines of the downloaded files
malware/grayware or malicious users. Other Details This Trojan executes a shell code embedded in a certain file. NOTES: This malware contains an embedded file, detected as TROJ_CHIFRAX.VTM, that self-extracts and
This Trojan may be downloaded from remote sites by other malware. It does not have any propagation routine. It does not have any backdoor routine. It modifies the Internet Explorer Zone Settings. It
This Trojan may be downloaded by other malware/grayware from remote sites. It connects to certain websites to send and receive information. It deletes the initially executed copy of itself. Arrival
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It executes the downloaded files. As a result, malicious routines of the downloaded files
a specific parameter in order to perform its intended routine: "{Malware Path}\{Malware Filename}.dll",EnhancedStoragePasswordConfig 147 It prevents encrypting files containing any of the strings in
.xml .ycbcra .yuv .zip It renames encrypted files using the following names: {unique ID per victim}-{identifier}.zzzzz It does the following: It requires a specific parameter in order to perform its
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It executes the downloaded files. As a result, malicious routines of the downloaded files