Search
Keyword: Coinminer_MALXMR.SMGH2-ELF64
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Backdoor arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This adware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This adware arrives on a system as a
This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This
\CurrentVersion\ Uninstall\RilatMod_is1 InstallDate = "20200123" HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ Microsoft\Windows\CurrentVersion\ Uninstall\RilatMod_is1 MajorVersion = "2" HKEY_LOCAL_MACHINE\SOFTWARE
\ Microsoft\Windows\CurrentVersion\ Uninstall\BDebokaf_is1 MajorVersion = "2" HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ Microsoft\Windows\CurrentVersion\ Uninstall\BDebokaf_is1 MinorVersion = "8
CVE-2008-4250 This security update resolves a privately reported vulnerability in the Server service. This vulnerability could allow remote code execution if an affected system received a
" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\VeriSign LDAP Server ID = "2" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\WhoWhere LDAP Server ID = "3
This is the Trend Micro detection for traffic being sent by many TROJ_ZBOT variants. A large number of TROJ_ZBOT variants are capable of sending stolen information via HTTP POST requests. The data
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain websites to send and receive
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It injects its dropped file/component to specific
This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan Spy arrives on a system
\Microsoft\ Windows\CurrentVersion\Uninstall\ DriverDoc_is1 MajorVersion = "2" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Uninstall\ DriverDoc_is1 MinorVersion = "19" HKEY_CURRENT_USER
" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Uninstall\ DriverDoc_is1 MajorVersion = "2" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Uninstall\ DriverDoc_is1 MinorVersion = "19
value data of the said registry entry is 2 .) Dropping Routine This Trojan drops the following files: %User Temp%\SHUMCB2B.tmp %User Temp%\gunshum.exe %User Profile%\MetaData
the said registry entry is 7 .) HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Explorer\ Advanced Hidden = "1" (Note: The default value data of the said registry entry is 2 .) Dropping
registry entries: HKEY_CURRENT_USER\Software\{UID} {random 2 characters} = "{RSA PUBLIC KEY} " HKEY_CURRENT_USER\Software\{UID} {random 2 characters} = "{contents of HELP_DECRYPT.TXT}" HKEY_CURRENT_USER