Search
Keyword: JS_XORBAT.A
UNRUY is a group of Trojans that are usually downloaded from the Internet, particularly from websites that host malicious Java applets. It modifies an affected system's registry to enable browser
UNRUY is a group of Trojans that are usually downloaded from the Internet, particularly from websites that host malicious Java applets. It modifies an affected system's registry to enable browser
UNRUY is a group of Trojans that are usually downloaded from the Internet, particularly from websites that host malicious Java applets. It modifies an affected system's registry to enable browser
UNRUY is a group of Trojans that are usually downloaded from the Internet, particularly from websites that host malicious Java applets. It modifies an affected system's registry to enable browser
UNRUY is a group of Trojans that are usually downloaded from the Internet, particularly from websites that host malicious Java applets. It modifies an affected system's registry to enable browser
malware/grayware or malicious users. Download Routine This Trojan connects to the following website(s) to download and execute a malicious file: http://{BLOCKED}nal.net/detects/seen-taste.php?gggy
JS_SHESDE.E connects to this website to download and execute a malicious file.
JS_OBFUSC.BEB redirects browsers to this site. This malware is related to a spammed message that leverages the news on the royal baby, Prince George.
Other Details This Trojan does the following: Takes advantage of a vulnerability in certain versions of Adobe Acrobat and Reader to execute an arbitrary code, thus, compromising system security.
This {malware/spyware type} has received attention from independent media sources and/or other security firms. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the
with an ad that is related to the search string. It attempts to download a possibly malicious file from the following file hosting site: http://{random}.{BLOCKED}ros.com/get2.php?c={parameters}&d=
This Trojan may be dropped by other malware. It connects to certain websites to send and receive information. Arrival Details This Trojan may be dropped by the following malware: JS_HTADRP.SM Other
Windows Server 2008, and Windows Server 2012.. %User Profile% is a user's profile folder, where it usually is C:\Documents and Settings\{user name} on Windows 2000, Windows Server 2003, and Windows XP (32-
need a new version of advpack.dll" [DefaultInstall] RunPreSetupCommands = tpdsyfxbnporewlfyxybdhirskgzuhxbubkp:2 [tpdsyfxbnporewlfyxybdhirskgzuhxbubkp] %Application Data%\Microsoft\Internet Explorer\
the following: It uses a combination for the following strings for its filename (ex. InstancingGlossary.exe): Alaska Another Appid Assessment Auth Bold Brush Character Cpl Createan Dfs Dhcp Disabled
product detects a file under this detection name, do not execute the file.
product detects a file under this detection name, do not execute the file.
product detects a file under this detection name, do not execute the file.
Description Name: WATERHOLE - HTTP (Request) . This is the Trend Micro detection for malicious HTTP network packet that manifest any of the following actions:CallbackThis attack is used for Command and Control CommunicationRelated Malware: JS_WATERHO...
Download Routine This spyware connects to the following website(s) to download and execute a malicious file: http://{BLOCKED}k.{BLOCKED}ps.org/WebTracking/Psupdate.exe It saves the files it downloads using