Search
Keyword: MS10-087
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
This Trojan connects to a website to send and receive information. It deletes itself after execution. Installation This Trojan drops the following copies of itself into the affected system: %System%\
This backdoor executes the commands from a remote malicious user. This backdoor steals the information. This backdoor may be dropped by other malware. Arrival Details This backdoor may be dropped by
\SOFTWARE\Microsoft\ Shared Tools\SYSINFO.OCX\Clients %System%\LONGZHM\EXP1OER.EXE = It adds the following registry keys as part of its installation routine: HKEY_CLASSES_ROOT\MS Setup (ACME)
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
This backdoor arrives as an attachment to email messages spammed by other malware/grayware or malicious users. Arrival Details This backdoor arrives as an attachment to email messages spammed by
This malware is a JavaScript component of the Blackhole Exploit kit. It is responsible for searching vulnerable software on the user's machine in order to deploy specific exploits and ultimately,
This Trojan executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system. Dropping Routine This Trojan drops the following files: %User Temp
This is a Trend Micro detection for specially crafted .JPG, .PNG, .SWF, .PDF, .BMP and .GIF picture files that contains an iframe pointing to the possibly malicious websites. This Trojan arrives as
This worm may be downloaded by other malware/grayware/spyware from remote sites. It may be unknowingly downloaded by a user while visiting malicious websites. Arrival Details This worm may arrive via
TROJ_AGENT.JAAK. It drops a non-malicious .DOC file. When the said file is opened, it executes an instance of Microsoft Word. MS Word then loads the file as a normal .DOC file. This Trojan bears the file icons of
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies registry entries to disable various system
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
drops the following files: __tmp_rar_sfx_access_check_40828 OGA_171110\FILE_ID.DIZ OGA_171110\MS Excel 2007.bmp OGA_171110\MS Word 2007.bmp OGA_171110\OGA_v1.7.111.0_crack.exe OGA_171110
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
\SOFTWARE\Microsoft\ Windows\CurrentVersion\Run MS Svasta Pomalo v2 = "%User Profile%\Application Data\odjebiav2.exe" HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run MS Svasta Pomalo v2 = "
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Run MS Service Manager = "%User Temp%\idemoodp0cetka.exe" HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run MS Service Manager = "%User Temp
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file
WORM_GOLROTED.SMV1) %Application Data%\pid.txt %Application Data%\pidloc.txt %User Temp%\screens\screenshot{1, 2, 3, ...}.jpeg (takes screenshots every 10 minutes) (Note: %Application Data% is the Application Data