Search
Keyword: HTML_ADODB
ZLOB malware has been around since 2006. It is known to arrive on computers posing as a video codec. As this malware family expanded, some incidents recorded by Trend Micro noted its arrival via
This specially crafted PDF takes advantage of a vulnerability in U3D implementation in certain versions of Adobe Reader and Acrobat. After successfully exploiting the said vulnerability, it drops an
This backdoor opens certain port(s) where it listens for remote commands. It connects to certain URL(s) to send and receive commands from a remote malicious user. It modifies the Master Boot Record
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be downloaded by other malware/grayware from
VUNDO is a family of Trojans, adware, and spyware first spotted in 2004. It usually arrives as a bundle of components, downloaded from malicious websites. VUNDO is multi-component, meaning it has
an unsuspecting user visits an affected web page, this HTML script launches a hidden IFRAME that connects to the following URL: http://{BLOCKED}aofghjtr.ru:8080/images/aublbzdni.php As a result,
Messenger messages; Insert iframe tags into HTML files; Visit a Web page; Create processes; Block DNS; Redirect domains; Steal login credentials; Log in to FTP sites. It connects to the following URL(s) to send and
Insert iframe tags into HTML files; Visit a Web Site; Block DNS; Steal login credentials; Log in to FTP sites; Create processes; Modify the following system files: ipconfig.exe, verclsid.exe, regedit.exe
Once users access any of the monitored sites, it starts logging keystrokes. It attempts to steal information, such as user names and passwords, used when logging into certain banking or
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes downloaded files whose malicious routines
This malware searches for specific file types in all drives. Once the files are found, it encrypts these files and then renames them. This Trojan executes certain actions WITHIN the affected
This spyware attempts to steal information, such as user names and passwords, used when logging into certain banking or finance-related websites. Infection Points: This spyware arrives as a file
However, as of this writing, the said sites are inaccessible. Installation: This Trojan creates the following folders: %Program Files%\Common Files\Plugins (Note: %Program Files% is the default
This spyware is injected into all running processes to remain memory resident. It attempts to steal information, such as user names and passwords, used when logging into certain banking or
This spyware may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It creates folders where it drops its files. It may be injected into
This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It executes the downloaded files. As a result, malicious routines of the
This Trojan may be downloaded by other malware/grayware from remote sites. Arrival Details: This Trojan may be downloaded by the following malware/grayware from remote sites: HTML_SHELLLOAD.B It may
This Trojan attempts to steal sensitive online banking information, such as user names and passwords. This routine risks the exposure of the user's account information, which may then lead to the
This Trojan attempts to steal sensitive online banking information, such as user names and passwords. This routine risks the exposure of the user's account information, which may then lead to the
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It takes advantage of software vulnerabilities in certain software to drop malicious