Keyword: JS_XORBAT.A
100062 Total Search   |   Showing Results : 4581 - 4600
  Previous   Next  
22-049 (October 4, 2022)
* indicates a new version of an existing rule Deep Packet Inspection Rules: Atlassian Bitbucket 1011540* - Atlassian Bitbucket Server and Data Center Remote Command Execution Vulnerability
Ransom.Win32.CRYSIS.TIBGIE
This Ransomware drops files as ransom note. Installation This Ransomware drops the following copies of itself into the affected system: %System32%\{Malware Filename}.exe %User Startup%\{Malware
22-056 (November 15, 2022)
* indicates a new version of an existing rule Deep Packet Inspection Rules: DCERPC Services 1011037* - Identified Remote System Discovery Over SMB - 1 (ATT&CK T1018) 1011027* - Identified Session
23-032 (July 25, 2023)
* indicates a new version of an existing rule Deep Packet Inspection Rules: Advanced Message Queuing Protocol (AMQP) 1011585* - SolarWinds Network Performance Monitor Insecure Deserialization
http://{blocked}c.com/iframefi le.js
related to JS_REDIR.GQ
{blocked}c.com/iframefile.js
JS_IFRAME.AVX may be downloaded from this site (Infection Vector)
http://{blocked}2rt.com/360saf e.html
JS_SHELLCOD.SMGU accesses this URL to download JS_EXPLOIT.ADA.
http://{blocked}2rt.com/360.ht ml
JS_SHELLCOD.SMGU accesses this URL to download JS_EXPLOIT.SM1.
{blocked}0.85.172/bl.js
This malicious URL is related to the Osama bin Laden death spam in Facebook as well as the detection JS_FBOOK.VTG.
{blocked}ps.co.uk/bin.js
This site is related to JS_FBOOK.VTG. Users may encounter this when searching for news about Osama bin Laden's death via Facebook .
{blocked}upltd.com/sidename.js
JS_REDIRECT.BB connects to this possibly malicious URL.
{blocked}g08.com/js/general.js
PE_FUJACKS.CT-O connects to this possibly malicious URL.
{blocked}ama.cn/inf/main.js?t= 20110801.js
When executed, TROJ_ADLOAD.YG connects to this malicious URL.
{blocked}ama.cn/js/ac.js
When executed, TROJ_ADLOAD.YG connects to this malicious URL.
{blocked}ama.cn/js/sc.js
When executed, TROJ_ADLOAD.YG connects to this malicious URL.
TROJ_QAKJOB.SMA
This is the Trend Micro detection for .JOB files that execute files detected as JS_QAKBOT. These files are components of the WORM_QAKBOT malware family. NOTES: This is the Trend Micro detection for
TSPY_SIMDA.RUS
This spyware may be dropped by other malware. It executes then deletes itself afterward. It connects to certain websites to send and receive information. Arrival Details This spyware may be dropped
JS_GUMBLAR
GUMBLAR malware was spotted in 2009. Thousands of websites were compromised. These compromised sites hosted malicious scripts, detected as GUMBLAR. Apart from SQL injection, thousands of sites were
TROJ_PIDIEF.SMAQ
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. However, as of this writing, the said sites are inaccessible. Arrival Details This Trojan
JS_EXPLOIT.SMDS
However, as of this writing, the said sites are inaccessible. Other Details This Trojan attempts to access the following Web sites to download files, which are possibly malicious: http://{BLOCKED