PREVIOUS
PREVIOUS
  • TROJ64_CVE20175753.POC

    This Exploit arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.It takes advantage of certain vulnerabilities.
    Read more   

  • TROJ_DIGMINEIN.A

    This cryptomining bot was seen spreading through Facebook Messenger and was first observed in South Korea. The malware is sent to victims posing as a video file but in reality is an AutoIt script.
    Read more   

  • ANDROIDOS_STEALERC32

    This malware is a variant of a VMAP, a mobile component of targeted attacks which affected various sectors in the Middle East. It is capable of searching and extracting information from affected units, record calls, locating devices via geolocation, and downloading and installing other applications.
    Read more   

  • RANSOM_CRYPTOQKG.A

    Dubbed as qkG, this file-encrypting ransomware is written entirely in Visual Basics for Applications (VBA) macros. This is rare considering ransomware families that use malicious macros to download the malwareAfter this malware infects the normal.
    Read more   

  • RANSOM_BADRABBIT.SMA

    This ransomware known as Bad Rabbit infected systems belonging to several high profile companies in Ukraine and Russia. It arrives via watering hole attack on compromised websites.
    Read more   

  • RANSOM_BADRABBIT.A

    This ransomware, also known as Bad Rabbit, reportedly spread to networks of some high profile companies located in Ukraine and Russia. It spreads via network shares.
    Read more   

  • WORM_RETADUP.D

    This malware is one of the variants/components of RETADUP malware discovered on September 2017 to be hitting users in South America for purposes of cryptocurrency mining. Users infected by this malware may find malicous behaviors being exhibited upon their system.
    Read more   

  • TROJ_MALEPS.B

    This malware is associated with attacks involving malicious attachments for Hangul Word Processor (HWP). In the attack, PostScript is used to gain access to a victim's machine.
    Read more   

  • TROJ_HWDOOR.B

    This malware is associated with the attacks against the word processing application Hangul Word Processor (HWP), which is able to run PostScript code. The attacks do not involve actual exploits, the attackers instead abuse a feature of PostScript.
    Read more   

  • TROJ_HWDOOR.A

    This malware is associated with the attacks against the word processing application Hangul Word Processor (HWP), which is able to run PostScript code. The attacks do not involve actual exploits, the attackers instead abuse a feature of PostScript.
    Read more   

PREVIOUS
PREVIOUS