Search
Keyword: troj_cryptesla
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. However, as of this writing, the said sites are inaccessible. Arrival Details This Trojan
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
Installation This Trojan drops the following copies of itself into the affected system: %User Profile%\Localdir\svchost.exe (Note: %User Profile% is the current user's profile folder, which is
This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It executes the downloaded files. As a result, malicious routines of the
This Trojan may be unknowingly downloaded by a user while visiting malicious websites. Arrival Details This Trojan may be unknowingly downloaded by a user while visiting malicious websites.
Other Details Based on analysis of the codes, it has the following capabilities: It loads and executes the file /sunny/MyBuilds.class - detected as TROJ_JAVA.BD
This Trojan may be unknowingly downloaded by a user while visiting malicious websites. It is a component of other malware. It requires its main component to successfully perform its intended routine.
Installation This Trojan drops the following copies of itself into the affected system: %WINDOWS%\oldbin.exe Autostart Technique This Trojan adds the following registry entries to enable its
This Trojan may be downloaded from several remote sites. It may also be downloaded from links in email messages sent out by WORM_KELIHOS.SM. It connects to website to download and execute a malicious
It connects to a URL to download its configuration file. It hooks certain APIs to perform its information stealing routine. This Trojan may be dropped by other malware. It may be unknowingly
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It executes the dropped file(s). As a result, malicious routines of the
This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It executes the dropped file(s). As a result, malicious routines of the
This Trojan contains an embedded malicious .SWF file that it uses to successfully exploit the specific vulnerability. The malicious .SWF file is detected by Trend Micro as SWF_EXPLOIT.WMP. It
Installation This Trojan drops and executes the following files: %System%\yise.ero - detected as TROJ_DLOADR.SMVE (Note: %System% is the Windows system folder, which is usually C:\Windows\System on
This Trojan may be dropped by other malware. Arrival Details This Trojan may be dropped by other malware. NOTES: It enables the automatic execution of its component malware every time the physical
Other Details This Trojan does the following: Takes advantage of a vulnerability in certain versions of Adobe Acrobat and Reader to execute an arbitrary code, thus, compromising system security.
This specially crafted .PDF file takes advantage of the vulnerabilities found in several functions of Adobe Acrobat and Reader . This Trojan arrives on a system as a file dropped by other malware or
This is the Trend Micro detection for files that exhibit certain behaviors. Other Details Based on analysis of the codes, it has the following capabilities: It serves as a configuration file that is
This Trojan may arrive bundled with malware packages as a malware component. It may be downloaded by other malware/grayware/spyware from remote sites. It connects to certain URLs. It may do this to