Search
Keyword: URL
also contains a "Remove Watermark Now" link found on the upper-right corner of the document, to redirect the user to: http://pdf.wondershare.com -> non-malicious URL http://itm.im/8nn
messages. Download Routine This Trojan saves the files it downloads using the following names: %User Temp%\l2s4SmQcK.exe - when url is accessible %User Temp%\l2s4SmQcK - when the url is inaccessible (Note:
It saves the files it downloads using the following names: %User Temp%\ZraPhEmJWMGJrm.exe - when url is accessible %User Temp%\ZraPhEmJWMGJrm - when the url is inaccessible (Note: %User Temp% is the
if URL is inaccessible %User Temp%\Rog8aOeIr.exe -> if URL is accessible (Note: %User Temp% is the user's temporary folder, where it usually is C:\Documents and Settings\{user name}\Local Settings\Temp
messages. Download Routine This Trojan saves the files it downloads using the following names: %User Temp%\yDyZve7WAOeXEAxQ.exe - when url is accessible %User Temp%\yDyZve7WAOeXEAxQ - when the url is
\JNOfHRYxYIfKOnw -> if URL is inaccessible %User Temp%\JNOfHRYxYIfKOnw.exe -> if URL is accessible (Note: %User Temp% is the user's temporary folder, where it usually is C:\Documents and Settings\{user name}\Local
}illamil.com/dqzo2 It saves the files it downloads using the following names: %User Temp%\ksm9pxbTu3U.exe - when url is accessible %User Temp%\ksm9pxbTu3U - when the url is inaccessible (Note: %User Temp% is the
\WindowsPowerShell\v1.0\powershell.exe Downloads and save files to a specific directory: URL download Link: http://{BLOCKED}.{BLOCKED}.83.140/2.exe Saves to the following directories: %Windows%\migration\2.exe
BKDR_MATSNU.MCB connects to this URL to send and receive commands from a remote malicious user. This malware has the capability to wipe the Master Boot Record (MBR). Once done, infected systems won’t
BKDR_MATSNU.MCB connects to this URL to send and receive commands from a remote malicious user. This malware has the capability to wipe the Master Boot Record (MBR). Once done, infected systems won’t
BKDR_MATSNU.MCB connects to this URL to send and receive commands from a remote malicious user. This malware has the capability to wipe the Master Boot Record (MBR). Once done, infected systems won’t
BKDR_MATSNU.MCB connects to this URL to send and receive commands from a remote malicious user. This malware has the capability to wipe the Master Boot Record (MBR). Once done, infected systems won’t
BKDR_MATSNU.MCB connects to this URL to send and receive commands from a remote malicious user. This malware has the capability to wipe the Master Boot Record (MBR). Once done, infected systems won’t
BKDR_MATSNU.MCB connects to this URL to send and receive commands from a remote malicious user. This malware has the capability to wipe the Master Boot Record (MBR). Once done, infected systems won’t
BKDR_MATSNU.MCB connects to this URL to send and receive commands from a remote malicious user. This malware has the capability to wipe the Master Boot Record (MBR). Once done, infected systems won’t
BKDR_MATSNU.MCB connects to this URL to send and receive commands from a remote malicious user. This malware has the capability to wipe the Master Boot Record (MBR). Once done, infected systems won’t
CVE-2001-0731 Apache 1.3.20 with Multiviews enabled allows remote attackers to view directory contents and bypass the index page via a URL containing the "M=D" query string. Apply associated Trend
crafted URL to a target site. Windows Server 2008 R2,Windows Server 2012,Windows Server 2008
BKDR_BLYPT.A connects to this URL to send and receive commands from a remote malicious user. This backdoor is a variant of the malware family BLYPT. It uses binary large objects (BLOB) to store
BKDR_BLYPT.A connects to this URL to send and receive commands from a remote malicious user. This backdoor is a variant of the malware family BLYPT. It uses binary large objects (BLOB) to store