Search
Keyword: troj_cryptesla
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It executes the downloaded files. As a result, malicious routines of the downloaded files
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. As of this writing, the said sites are inaccessible.
It changes the TCP Port of Internet Information Services (IIS) of the affected system to a new random number. The new port number will be saved by the malware in a certain registry. This Trojan may
This Trojan may be dropped by other malware. It executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system. Arrival Details This Trojan
This Trojan may be downloaded by other malware/grayware from remote sites. It executes the files it drops, prompting the affected system to exhibit the malicious routines they contain. It deletes
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
Autostart Technique This Trojan adds the following registry entries to enable its automatic execution at every system startup: HKEY_CLASSES_ROOT\CLSID\{AFD4AD01-58C1-47DB-A404-FBE00A6C5486}
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain URLs. It may do this to remotely
This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. However, as of this writing, the said sites are inaccessible. Arrival
This Trojan may be downloaded by other malware/grayware/spyware from remote sites. It may be unknowingly downloaded by a user while visiting malicious websites. It installs a fake
This Trojan may be dropped by other malware. It connects to certain URLs. It may do this to remotely inform a malicious user of its installation. It may also do this to download possibly malicious
This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It executes the downloaded files. As a result, malicious routines of the
It sets the system's desktop wallpaper to an image of a warning message. It intercepts all applications and prevent these from executing. This would cause an affected system to be unusable. The
This Trojan executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system. It deletes itself after execution. Installation This Trojan
This Trojan may arrive bundled with malware packages as a malware component. It may be unknowingly downloaded by a user while visiting malicious websites. It is injected into all running processes to
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain URLs. It may do this to remotely
This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It displays fake alerts that warn users of infection. It also displays fake
This Trojan may install itself on the affected system as a rogue antivirus using certain names. This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly
This Trojan has received attention from independent media sources and/or other security firms. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram shown
This Trojan arrives as attachment to mass-mailed email messages. However, as of this writing, the said sites are inaccessible. It executes then deletes itself afterward. It connects to certain