Search
Keyword: JS_XORBAT.A
This site is related to the detection JS_OBFUS.AB. Users who are lead to {BLOCKED}2.24.211/js.js are redirected to this site. This is one of the malicious links being spammed in Facebook , which
Other Details This Trojan connects to the following possibly malicious URL: http://{BLOCKED}1.{BLOCKED}er.ce.ms/index.php
This Trojan inserts an IFRAME tag that redirects users to certain URLs. Other Details This Trojan inserts an IFRAME tag that redirects users to the following URLs: http://{BLOCKED
This spyware may be dropped by other malware. It connects to certain websites to send and receive information. Arrival Details This spyware may be dropped by other malware. Installation This spyware
This JavaScript inserts an IFRAME tag that redirects users to certain URLs. Other Details This JavaScript inserts an IFRAME tag that redirects users to the following URLs: http://{BLOCKED
Arrival Details This Trojan may be downloaded from the following remote sites: http://www.{BLOCKED}ydrop.com/javascripts/tree
However, as of this writing, the said sites are inaccessible. It redirects browsers to certain sites. Backdoor Routine However, as of this writing, the said sites are inaccessible. Other Details This
Other Details Based on analysis of the codes, it has the following capabilities: It gathers IP addresses connected to the network such as {BLOCKED}8.29.x and runs ARP poisoning to infect computers.
This Trojan connects to certain websites to send and receive information. Other Details This Trojan connects to the following website to send and receive information: http://{BLOCKED}saved.org/
Other Details This Trojan does the following: Displays the following pop-up message once executed: This script is used by other FAKEAV variants for their malicious routines. Displays message/message
As of this writing, the said sites are inaccessible. Download Routine As of this writing, the said sites are inaccessible. Other Details This Trojan connects to the following possibly malicious URL:
However, as of this writing, the said sites are inaccessible. Other Details This Trojan attempts to access the following websites to download files, which are possibly malicious: http://www.{BLOCKED
This Trojan may be dropped by other malware. Arrival Details This Trojan may be dropped by the following malware: TROJ_HILOTI.EP NOTES: This javascript may be used to monitor browser activities in
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. However, as of this writing, the said sites are inaccessible. Arrival Details This Trojan
This is the Trend Micro detection for files that exhibit certain behaviors. Other Details This is the Trend Micro detection for: for Javascript files that are dropped by the WORM_QAKBOT/BKDR_QAKBOT
embedded malicious JS file. TrojanDownloader:JS/Swabfex.P (Microsoft); Trojan.Mdropper (Norton); JS/TrojanDownloader.Agent.QIZ trojan (NOD32)
embedded malicious JS file. TrojanDownloader:JS/Nemucod!rfn (Microsoft); JS/Nemucod.tn (McAfee)
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. However, as of this writing, the said sites are inaccessible. Arrival Details This Trojan
NOTES: Heuristic Detection This is Trend Micro’s heuristic detection for suspicious files that manifest similar file characteristics as the following JavaScript downloader: JS_CERBER
Base64-encoded JS file attachment. TrojanDownloader:JS/Nemucod!rfn (Microsoft); JS/DwnLdr-UEN (Sophos Lite)