Search
Keyword: JS_XORBAT.B
This file infector arrives as attachment to mass-mailed email messages. It may be dropped by other malware. It appends its codes to target files. It infects certain file types by inserting code in
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This backdoor acts as a proxy server that intercepts requests from certain Internet browsers and points them to the proxy server on port 63414. It monitors certain strings in the address bar of the
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It uses the Windows Task Scheduler to add a scheduled
This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain websites to send and receive
This Trojan may be hosted on a website and run when a user accesses the said website. It redirects browsers to certain sites. Arrival Details This Trojan may be hosted on a website and run when a
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file
Other System Modifications It adds the following registry keys: a b=c (Note: The default value data of the said registry entry is d .)
This worm checks if Mozilla Thunderbird is installed in the affected system. It checks for the SMTP server used by this application by checking the file prefs.js and use it to send email messages
This malware is an infection vector related to a vulnerability which is triggered when Windows Multimedia Library in Windows Media Player (WMP) fails to handle a specially crafted MIDI file,
This description is based is a compiled analysis of several variants of TROJ_HILOTI. Note that specific data such as file names and registry values may vary for each variant. This Trojan arrives on a
This Trojan executes when a user accesses certain websites where it is hosted. It may be hosted on a website and run when a user accesses the said website. However, as of this writing, the said sites
This Trojan may be downloaded by other malware/grayware/spyware from remote sites. It may be hosted on a website and run when a user accesses the said website. It executes the downloaded files. As a