Search
Keyword: troj_vundo
This Trojan injects itself into Internet Explorer when executed. It also connects to a website in an attempt to possibly download files that may be malicious onto the infected system. Installation
Other System Modifications This Trojan adds the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows NT\CurrentVersion\Winlogon EnableConcurrentSessions = 1 HKEY_LOCAL_MACHINE
This Trojan executes the files it drops, prompting the affected system to exhibit the malicious routines they contain. It deletes itself after execution. Dropping Routine This Trojan drops the
This Trojan arrives as attachment to mass-mailed email messages. Arrival Details This Trojan arrives as attachment to mass-mailed email messages. Download Routine This Trojan connects to the
This Trojan has received attention from independent media sources and/or other security firms. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram shown
Other Details Based on analysis of the codes, it has the following capabilities: Executes functions from its components malware files, TROJ_JAVA.AT and TROJ_JAVA.BP to trigger the execution of its
This is the Trend Micro detection for files that exhibit certain behaviors. Other Details This is the Trend Micro detection for: Master Boot Record that are infected by other malware. It does the
This Trojan may be unknowingly downloaded by a user while visiting malicious websites. It modifies the affected system's HOSTS files. This prevents users from accessing certain websites. It deletes
This Trojan arrives as attachment to mass-mailed email messages. It connects to certain URLs. It may do this to remotely inform a malicious user of its installation. It may also do this to download
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It executes the files it drops, prompting the affected system to exhibit the malicious
Trend Micro has flagged this {malware/spyware type} as noteworthy due to the increased potential for damage, propagation, or both, that it possesses. Specifically, it employs polymorphism to prevent
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
The reply from the said website may contain other URL where this malware can download other files. This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while
This Trojan may be dropped by other malware. It connects to certain URLs. It may do this to remotely inform a malicious user of its installation. It may also do this to download possibly malicious
Trojans or Trojan horse programs refer to a family of malware that carry payloads or other malicious actions that can range from the mildly annoying to the irreparably destructive. They can also
Installation This Trojan drops the following files: %temp%\set.jtd - normal ichitaro file %temp%\ews.exe - detected by Trend Micro as TROJ_DROPPER.BIY Other Details This Trojan does the following:
This worm accesses websites to download files detected by Trend Micro as: TROJ_FAKEAV.SM8 TROJ_RIMECUD.DL WORM_RIMECUD.SMC This worm arrives via removable drives. It drops an AUTORUN.INF file to
Once this Trojan successfully exploits the said vulnerability, it attempts to drop and execute a malicious file. This Trojan arrives on a system as a file dropped by other malware or as a file
Heuristic Detection This is the Trend Micro heuristic detection for suspicious files that manifest similar behavior and characteristics as the following malware: TROJ_AUTOIT If your Trend Micro
This Trojan executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system. Download Routine This Trojan accesses the following websites