Search

Description Name: NEMUCOD - HTTP (Request) - Variant 5 . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as N/A. This also indicates a malware infection. Below are some indicators of an infected host:...

This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. Arrival Details This Trojan arrives as an attachment to email messages spammed by other

Description Name: XORBAT - Ransomware - HTTP (Request) . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as N/A. This also indicates a malware infection. Below are some indicators of an infected host:...

Lectool 1007711* - Ransomware XORBAT Suspicious Server Ransomware Activity 1007582* - Ransomware Lectool-1 Web Application Common 1009319 - ImageMagick 'ReadMATImage' Use After Free Vulnerability

%Windows%\winsxs\amd64_prnso002.inf_31bf3856ad364e35_6.1.7600.16385_none_419ce09d71f61ee8\Amd64 %Program Files%\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\viewer

This Adware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Adware arrives on a system as a

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a

\node_modules\bluebird\js\browser %AppDataLocal%\Programs\safe-watch\resources\app\node_modules\sax %AppDataLocal%\Programs\safe-watch\resources\app\node_modules\scss-tokenizer\lib %AppDataLocal%\Programs

Tools\help\wwhelp\wwhimpl\js\images\spc_tabm.gif %System Root%\Program Files\VMware\VMware Tools\help\wwhelp\wwhimpl\common\html\init3.htm %System Root%\Program Files\Java\jre1.8.0_144\lib\images\cursors

\afeodekfkejjgjigfnhhifffljmhnpfn\1.24.16_0\js %AppDataLocal%\Google\Chrome\User Data\Default\Extensions\afeodekfkejjgjigfnhhifffljmhnpfn\1.24.16_0\js\api %AppDataLocal%\Google\Chrome\User Data\Default\Extensions

\winservice86\ Plugins\42 Url = "http://js.{BLOCKED}ticinputserv.com/plugins/mins/42.js" HKEY_CURRENT_USER\Software\winservice86\ Plugins\14 Version = "b" HKEY_CURRENT_USER\Software\winservice86\ Plugins\14 Name

This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This

%User Profile%\login\css %User Profile%\css\retina %User Profile%\login\images %User Profile%\images\retina %User Profile%\login\js %User Profile%\login\languages %User Profile%\css\platform %Program

\zx_13283b3780\dialogs %User Temp%\zx_13283b3780\dialogs\library %User Temp%\zx_13283b3780\dialogs\library\css %User Temp%\zx_13283b3780\dialogs\library\images %User Temp%\zx_13283b3780\dialogs\library\js %User

%Program Files%\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\de-de\ui-strings.js %Program Files%\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a

reader dc\Reader\webresources\resource0\static\js\plugins\app-center\css\main-selector.css %Program Files%\Adobe\acrobat reader dc\Resource\typesupport\Unicode\Mappings\win\CP1258.TXT %Program Files%\Adobe

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This