Search
Keyword: MS10-087
NOTES: It uses MS Word application icon to trick users that it is a .DOC file. Upon execution, it also drops and opens a decoy document %User Temp%\temp.doc to trick users into thinking that it is a normal
folder to enable its automatic execution at every system startup: %Start Menu%\Programs\Startup\MS office.lnk (Note: %Start Menu% is the current user's Start Menu folder, which is usually C:\Windows\Start
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
enable its automatic execution at every system startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Run MS x86 Service = "msservice32.exe" Other System Modifications This Trojan adds the
This Trojan may arrive bundled with malware packages as a malware component. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This spyware attempts to steal sensitive online banking information, such as user names and passwords. This routine risks the exposure of the user's account information, which may then lead to the
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details
This Trojan modifies registry entries to disable various system services. This action prevents most of the system functions to be used. It connects to certain websites to send and receive
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This is the detection for the second stage malware related to the new Java zero-day exploit which was used in the targeted attack campaign, Operation Pawn Storm. In the second stage of the attack, it
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
{string 1} may be any of the following: amd cmd disk dll dsk hp intel ms tcp udp win The variable {string 2} may be any of the following: host mgr mon monitor proc process sys update updater This
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies the Internet Explorer Zone Settings. It
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies the Internet Explorer Zone Settings. It
Exploit kits such as Angler Exploit Kit and Nuclear Exploit Pack have been updated to include one of the recent Hacking Team Flash zero-day vulnerabilities. Magnitude Exploit kit, in particular,
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies registry entries to disable various system
This Trojan modifies registry entries to disable various system services. This action prevents most of the system functions to be used. It connects to certain websites to send and receive