Search
Keyword: Coinminer_MALXMR.SMGH2-ELF64
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This spyware arrives on a system as a
{random 2 characters} = "{RSA PUBLIC KEY} " HKEY_CURRENT_USER\Software\{UID} {random 2 characters} = "{contents of HELP_DECRYPT.TXT}" HKEY_CURRENT_USER\Software\{UID} {random 2 characters} = "{contents of
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain websites to send and receive
CVE-2014-4114 This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a Microsoft Office file that
CVE-2015-1728 This security update addresses a vulnerability found in Microsoft Windows which when exploited successfully could allow remote code execution thus compromising the security of the
CVE-2011-1269 This security update resolves a privately reported vulnerability in the Windows Internet Name Service (WINS). The vulnerability allows remote code execution if a user receives a
editions),Microsoft Office 2010 Service Pack 1 (32-bit editions),Microsoft Office 2007 Service Pack 2 (KB2553089),Microsoft Office 2007 Service Pack 2 (KB2553090),Microsoft Office 2010 and Microsoft Office
= "a" HKEY_CURRENT_USER\Software\PCYac\ AD day_keyword = "64" HKEY_CURRENT_USER\Software\PCYac\ AD repeat_under = "3" HKEY_CURRENT_USER\Software\PCYac\ AD repeat_toast = "3" HKEY_CURRENT_USER
This potentially unwanted application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This
This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This
This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This
" HKEY_LOCAL_MACHINE\SOFTWARE\ORL\ WinVNC3 AllowLoopback = "1" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ services\LTSvcMon Start = "2" HKEY_LOCAL_MACHINE\SOFTWARE\LabTech\ Service Version = "40.193
This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes commands from a remote malicious user,
CEC99EE8014CEE3676 = "CEC99EE8014CEE3676" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Setup LogLevel = "2" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Setup LogLevel = "0" It
= "16DFA9721D5CD929D43" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Setup LogLevel = "2" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Setup LogLevel = "0" It
" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Security\ cASPKI\cASPKI\cCustomCertPrefs\ c312E322E3834302E3131343032312E310000\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\ c1 iEnd = "2" HKEY_CURRENT_USER
MajorVersion = "2" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Uninstall\ {random key} MinorVersion = "1" HKEY_CURRENT_USER\Software\Systweak\ params ASPInstalledPath = "%Program Files%\ASP
" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Security\ cASPKI\cASPKI\cCustomCertPrefs\ c312E322E3834302E3131343032312E310000\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\ c1 iEnd = "2" HKEY_CURRENT_USER