Search
Keyword: JS_PETCH
This Trojan executes when a user accesses certain websites where it is hosted. It may be hosted on a website and run when a user accesses the said website. Arrival Details This Trojan executes when a
This Trojan may be dropped by other malware. Arrival Details This Trojan may be dropped by the following malware: TROJ_HILOTI.EP NOTES: This javascript may be used to monitor browser activities in
This Trojan may be unknowingly downloaded by a user while visiting malicious websites. It redirects browsers to certain sites. Arrival Details This Trojan may be unknowingly downloaded by a user
This Trojan may be hosted on a website and run when a user accesses the said website. As of this writing, the said sites are inaccessible. Once a compromised site is visited, the user is redirected
This Trojan redirects browsers to certain sites. Other Details This Trojan redirects browsers to the following sites: http://{BLOCKED}us.com.mx/1.html
Arrival Details This Trojan may be downloaded from the following remote sites: http://www.{BLOCKED}ydrop.com/javascripts/tree
This malicious JavaScript uses social engineering methods to lure users into performing certain actions that may, directly or indirectly, cause malicious routines to be performed. Specifically, it
Trend Micro has flagged this malicious JavaScript as noteworthy due to the increased potential for damage, propagation, or both, that it possesses. Specifically, it exploits a vulnerability in
This Trojan may be hosted on a website and run when a user accesses the said website. It redirects browsers to certain sites. Arrival Details This Trojan may be hosted on a website and run when a
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. However, as of this writing, the said sites are inaccessible. It redirects browsers to
This JavaScript has received attention from independent media sources and/or other security firms. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram
Other Details Based on analysis of the codes, it has the following capabilities: It gathers IP addresses connected to the network such as {BLOCKED}8.29.x and runs ARP poisoning to infect computers.
Trend Micro has flagged this JavaScript as noteworthy due to the increased potential for damage, propagation, or both, that it possesses. To get a one-glance comprehensive view of the behavior of
This Trojan may be unknowingly downloaded by a user while visiting malicious websites. It may be hosted on a website and run when a user accesses the said website. This is the Trend Micro detection
Other Details This Trojan does the following: Displays the following pop-up message once executed: This script is used by other FAKEAV variants for their malicious routines. Displays message/message
This Trojan drops the files. Installation This Trojan creates the following folders: C:\Documents and Settings\All Users\Application Data\adhhh Dropping Routine This Trojan drops the following files:
However, as of this writing, the said sites are inaccessible. It inserts an IFRAME tag that redirects users to certain URLs. Backdoor Routine However, as of this writing, the said sites are
This Trojan may be hosted on a website and run when a user accesses the said website. As of this writing, the said sites are inaccessible. Once a compromised site is visited, the user is redirected
This Trojan may arrive bundled with malware packages as a malware component. It executes when a user accesses certain websites where it is hosted. It may be hosted on a website and run when a user
However, as of this writing, the said sites are inaccessible. This is the Trend Micro detection for Web pages that were compromised through the insertion of a certain malicious script. It redirects