Search
Keyword: HTML_IFRAME
from a remote malicious user: Block DNS Create processes Download other files Insert iframe tags into HTML files Join an IRC channel Log in to FTP sites Perfrom Slowloris, UDP, and SYN flooding Run
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
backdoor capabilities: Block DNS Create processes Download other files Insert iframe tags into HTML files Join an IRC channel Log in to FTP sites Perfrom Slowloris, UDP, and SYN flooding Run Reverse Socks4
file name}:*:Enabled:ldrsoft" NOTES: Other Details This spyware deletes itself after execution. It may be downloaded unknowingly when visiting infected Web pages. An iframe inserted in the page will
following backdoor capabilities: Block DNS Create processes Download other files Insert iframe tags into HTML files Join an IRC channel Log in to FTP sites Perfrom Slowloris, UDP, and SYN flooding Run Reverse
Create processes Download other files Insert iframe tags into HTML files Join an IRC channel Log in to FTP sites Perfrom Slowloris, UDP, and SYN flooding Run Reverse Socks4 proxy server Send MSN Messenger
an unsuspecting user visits an affected web page, this HTML script launches a hidden IFRAME that connects to the following URL: http://{BLOCKED}aofghjtr.ru:8080/images/aublbzdni.php As a result,
Messenger messages Insert iframe tags into HTML files Visit a Web page Create processes Block DNS Redirect domains Steal login credentials Log in to FTP sites It connects to the following URL(s) to send and
Insert iframe tags into HTML files Visit a Web Site Block DNS Steal login credentials Log in to FTP sites Create processes Modify the following system files: ipconfig.exe verclsid.exe regedit.exe
Messenger messages Insert iframe tags into HTML files Visit a Web page Create processes Block DNS Redirect domains Steal login credentials Log in to FTP sites It connects to the following URL(s) to send and
Routine This worm executes the following commands from a remote malicious user: Update itself Download other files Perfrom Slowloris, UDP, and SYN flooding Send MSN Messenger messages Insert iframe tags
Insert iframe tags into HTML files Visit a Web page Create processes Block DNS Redirect domains Steal login credentials Log in to FTP sites It connects to the following URL(s) to send and receive commands
monitors browsers to inject IFRAME to the following targeted webpages once accessed by users: http://banking.nonghyup.com http://banking.shinhan.com http://hanabank.com http://kbstar.com
other files Insert iFrame tags into HTML files Join an IRC channel Log in to FTP sites Perform Slowloris, UDP, and SYN flooding Run Reverse Socks4 proxy server Send MSN Messenger messages Steal login
Backdoor Routine This worm executes the following commands from a remote malicious user: Block DNS Create processes Download other files Insert iFrame tags into HTML files Join an IRC channel Log in to FTP
and status updates Backdoor Routine This worm executes the following commands from a remote malicious user: Block DNS Create processes Download other files Insert iFrame tags into HTML files Join an IRC
IRC channel(s): #id It executes the following commands from a remote malicious user: Block DNS Create processes Download other files Insert iFrame tags into HTML files Join an IRC channel Log in to FTP
This Trojan may be hosted on a website and run when a user accesses the said website. This is the Trend Micro detection for files that contain a malicious script. It redirects browsers to certain
Create processes Download other files Insert iFrame tags into HTML files Join an IRC channel Log in to FTP sites Perform Slowloris, UDP, and SYN flooding Run Reverse Socks4 proxy server Send MSN Messenger
inserts the following IFRAME code in webpages: .html .htm .asp .aspx NOTES: This file infector prevents the execution of several security related processes by creating the following registry entries: