Search
Keyword: js_nindya.a
UNRUY is a group of Trojans that are usually downloaded from the Internet, particularly from websites that host malicious Java applets. It modifies an affected system's registry to enable browser
UNRUY is a group of Trojans that are usually downloaded from the Internet, particularly from websites that host malicious Java applets. It modifies an affected system's registry to enable browser
malware/grayware or malicious users. Download Routine This Trojan connects to the following website(s) to download and execute a malicious file: http://{BLOCKED}nal.net/detects/seen-taste.php?gggy
JS_SHESDE.E connects to this website to download and execute a malicious file.
JS_OBFUSC.BEB redirects browsers to this site. This malware is related to a spammed message that leverages the news on the royal baby, Prince George.
Other Details This Trojan does the following: Takes advantage of a vulnerability in certain versions of Adobe Acrobat and Reader to execute an arbitrary code, thus, compromising system security.
This {malware/spyware type} has received attention from independent media sources and/or other security firms. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the
with an ad that is related to the search string. It attempts to download a possibly malicious file from the following file hosting site: http://{random}.{BLOCKED}ros.com/get2.php?c={parameters}&d=
This Trojan may be dropped by other malware. It connects to certain websites to send and receive information. Arrival Details This Trojan may be dropped by the following malware: JS_HTADRP.SM Other
Windows Server 2008, and Windows Server 2012.. %User Profile% is a user's profile folder, where it usually is C:\Documents and Settings\{user name} on Windows 2000, Windows Server 2003, and Windows XP (32-
need a new version of advpack.dll" [DefaultInstall] RunPreSetupCommands = tpdsyfxbnporewlfyxybdhirskgzuhxbubkp:2 [tpdsyfxbnporewlfyxybdhirskgzuhxbubkp] %Application Data%\Microsoft\Internet Explorer\
the following: It uses a combination for the following strings for its filename (ex. InstancingGlossary.exe): Alaska Another Appid Assessment Auth Bold Brush Character Cpl Createan Dfs Dhcp Disabled
product detects a file under this detection name, do not execute the file.
product detects a file under this detection name, do not execute the file.
product detects a file under this detection name, do not execute the file.
Description Name: WATERHOLE - HTTP (Request) . This is the Trend Micro detection for malicious HTTP network packet that manifest any of the following actions:CallbackThis attack is used for Command and Control CommunicationRelated Malware: JS_WATERHO...
Download Routine This spyware connects to the following website(s) to download and execute a malicious file: http://{BLOCKED}k.{BLOCKED}ps.org/WebTracking/Psupdate.exe It saves the files it downloads using
of the escape function that triggers access to uninitialized memory locations, as originally demonstrated by a document containing P and FONT elements. mozilla firefox 3.5 Apply associated Trend Micro
This Trojan may be dropped by other malware. As of this writing, the said sites are inaccessible. It deletes itself after execution. Arrival Details This Trojan may be dropped by the following
This worm drops copies of itself in the Windows Common Startup folder to enable its automatic execution at every system startup. It drops copies of itself into all the removable drives connected to