Keyword: JS_EXPLOIT
\User Data\Default\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf\51.9_0\config\skin\widgets\SPE-options\js %AppDataLocal%\Google\Chrome\User Data\Default\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf\51.9_0
This adware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This adware arrives on a system as a
This Trojan attempts to steal sensitive online banking information, such as user names and passwords. This routine risks the exposure of the user's account information, which may then lead to the
is a Java class file that is used to execute an exploit code. Once successful, it may download and execute a possibly malicious file from a certain URL. The URL where this malware downloads the said
This Trojan may arrive bundled with malware packages as a malware component. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting
Both malware are related to the modified Enfal variants, which were reported to have infected 874 systems in 33 countries. To get a one-glance comprehensive view of the behavior of this Trojan, refer
CVE-2012-1723 NOTES: This is the Trend Micro detection for malicious Java Class that attempts to exploit a vulnerability in the Java Runtime Environment component of the following: Java SE 7 Update 2 and earlier
This malware is involved in the Blackhole Exploit Kit (BHEK) attacks in January 2013. It takes advantage of a zero-day vulnerability (CVE-2013-0422) in Java in order to drop ransomware. Victims may
App.xaml Once a malware successfully exploits the said vulnerability, it causes the following actions to be done on the system: Execute Arbitrary Code It is a zero-day exploit for the following
\exploit (Note: %Application Data% is the current user's Application Data folder, which is usually C:\Documents and Settings\{user name}\Application Data on Windows 2000 (32-bit), XP, and Server 2003 (32-bit),
This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain websites to send and receive
Temp%\ip\offers\offers\yandex-stub %User Temp%\ip\js %User Temp%\ip\bin\Tools %User Temp%\ip %User Temp%\ip\offers %User Temp%\ip\img %User Temp%\ip\offers\offers\opera %User Temp%\ip\bin (Note:
\offers\offers\opera %User Temp%\ip\bin %Application Data%\InstallPack\logs %User Temp%\ip %User Temp%\ip\bin\Tools %User Temp%\ip\js %User Temp%\ip\offers\offers %User Temp%\ip\offers\offers\avast %User
\afeodekfkejjgjigfnhhifffljmhnpfn\1.24.16_0\js %AppDataLocal%\Google\Chrome\User Data\Default\Extensions\afeodekfkejjgjigfnhhifffljmhnpfn\1.24.16_0\js\api %AppDataLocal%\Google\Chrome\User Data\Default\Extensions
This malware is part of the fileless botnet Novter that is delivered via the KovCoreG malvertising campaign. This Trojan arrives on a system as a file dropped by other malware or as a file downloaded
%Application Data%\InstallPack\logs %User Temp%\ip\img %User Temp%\ip\css %User Temp%\ip\offers %User Temp%\ip\data %User Temp%\ip\offers\offers\yandex-dirty %User Temp%\ip\js %User Temp%\ip\offers\offers\split
%User Temp%\ip\offers\offers %User Temp%\ip\img %User Temp%\ip\offers\offers\split %User Temp%\ip\js %User Temp%\ip\offers\offers\yandex-sovetnik %User Temp%\ip %User Temp%\ip\css (Note: %User Temp% is
%AppDataLocal%\Google\Chrome\User Data\Default\Extensions\aaaaggphaebghfengepdepbkegaggggh\51.1_0\config\skin\widgets\SPE-options\js\options.js %AppDataLocal%\Google\Chrome\User Data\Default\Extensions
Once users access any of the monitored sites, it starts logging keystrokes. It attempts to steal information, such as user names and passwords, used when logging into certain banking or