Search
Keyword: troj_sconato.a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. However, as of this writing, the said sites are
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It arrives as a component bundled with malware/grayware
unknowingly downloaded by a user while visiting malicious websites. It injects its dropped file/component to specific processes. It opens a hidden Internet Explorer window. It executes the dropped file(s). As a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be manually installed by a user. It uses common
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain URLs. It may do this to remotely
This Trojan displays fake alerts upon installation. It displays fake scanning results about disk errors. This Trojan arrives on a system as a file dropped by other malware or as a file downloaded
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It displays fake alerts that warn users of infection. It
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It uses icons similar to those of legitimate
as a file downloaded from the following URLs: http://{BLOCKED}yeew.ru/bin/thootham.exe Installation This Trojan adds the following folders: %Application Data%\{random1} %Application Data%\{random2}
Upon execution, it displays a GUI indicating the installation of a rogue antivirus called Internet Protection. While doing so, it downloads its component file from the a certain URL via HTTP GET. If
is found that a malicious server tries to inject sites with a .PHP script that is housed in a site called LizaMoon. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain URLs. It may do this to remotely
Upon execution, it displays a GUI indicating the installation of a rogue antivirus called Internet Protection. While doing so, it downloads its component file from the a certain URL via HTTP GET. If
This Trojan targets routers and attempts to log in to all the devices connected to the routers. It pretends to be an Adobe Flash update. To get a one-glance comprehensive view of the behavior of this
This is the Trend Micro generic detection for files exhibiting suspicious behavior that may cause harm to systems. Trojans are a general malware classification for malicious files, applications, or
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies the Internet Explorer Zone Settings. It
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be hosted on a website and run when a user