Search
Keyword: os2first
SWISYN is a Trojan family first spotted around 2009. It is known primarily as a malware that drops other malware and executes them on the system it affects. This causes the affected system to display
SWISYN is a Trojan family first spotted around 2009. It is known primarily as a malware that drops other malware and executes them on the system it affects. This causes the affected system to display
SWISYN is a Trojan family first spotted around 2009. It is known primarily as a malware that drops other malware and executes them on the system it affects. This causes the affected system to display
SWISYN is a Trojan family first spotted around 2009. It is known primarily as a malware that drops other malware and executes them on the system it affects. This causes the affected system to display
KELIHOS is a botnet first seen in 2010. It is mainly used for spreading other malware through spammed email messages. Besides spamming, some variants exhibit Biitcoin mining and distributed denial of
SWISYN is a Trojan family first spotted around 2009. It is known primarily as a malware that drops other malware and executes them on the system it affects. This causes the affected system to display
KELIHOS is a botnet first seen in 2010. It is mainly used for spreading other malware through spammed email messages. Besides spamming, some variants exhibit Biitcoin mining and distributed denial of
SWISYN is a Trojan family first spotted around 2009. It is known primarily as a malware that drops other malware and executes them on the system it affects. This causes the affected system to display
" HKEY_CURRENT_USER\Software\Microsoft\ Internet Explorer\Main First Home Page = "about:blank" HKEY_CURRENT_USER\Software\Policies\ Microsoft\Internet Explorer\Control Panel Check_If_Default = "0" HKEY_CURRENT_USER
\MoonLightEngine 1365 ScanThreadpriority = "4" HKEY_CURRENT_USER\Software\MoonLightEngine 1365 First Time User = "0" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\PCRatStact Type = "12" It modifies the following
"4" HKEY_CURRENT_USER\Software\sang sinsang First Time User = "0" It modifies the following registry entries: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\wscsvc Start = "4" (Note: The default
sinsang ScanThreadpriority = "4" HKEY_CURRENT_USER\Software\sang sinsang First Time User = "0" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\SharedAccess\Parameters\ FirewallPolicy\StandardProfile
\CurrentVersion\Policies\ Explorer\Run MsAudio = %System%\explorer.exe The scheduled task executes the malware every: everyday at time of first execution Propagation This worm searches the network for the following
KOOBFACE malware are known for targeting the social networking site Facebook to spread via infected wall posts. It was first spotted in 2008, but KOOBFACE was at the height of its operations in 2009
CitizensBank Capital One AllTime Online First Tennessee M&T Bank Frostbank Webster Ally Other Details This spyware does the following: It monitors the Internet browser activities of the affected system,
This worm arrives via removable drives. It arrives by accessing affected shared networks. It uses the default Windows folder icon to trick users into opening the file. Double-clicking the file
Other Details This Trojan does the following: It connects to the following servers: {BLOCKED}spy.com {BLOCKED}spy.net After confirming a reply from the server, it then creates several threads. The first
execute first before opening the real folder or file. It then changes the attributes of the original folders and files to Hidden and System to avoid early detection. It may attempts to connect to the
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes the initially executed copy of itself.
dns - Resolve an address to its IP address NOTES: If a command line parameter exists, it uses the first one as the IRC server instead of {BLOCKED}i.bot.nu:5190 . It chooses a randpom nickname from the