Search
Keyword: URL
files. As a result, malicious routines of the downloaded files are exhibited on the affected system. It downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said
TROJ64_INSTOL.USR passes the encrypted URL to this DLL component. This DLL component has only one export function named ExportFunc which is repeatedly executed. Dropped by other malware, Downloaded from the Internet,
arbitrary file [UDP] - Starts UDP Flooding [OpenURL] - Opens a URL using a hidden browser [SYN] Sends a SYN Flood [Get] Sends GET floods [Post] Sends POST floods Other Details This backdoor uses the following
then executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system. It downloads a possibly malicious file from a certain URL. The URL where
HKEY_CURRENT_USER\Software\Microsoft\ Internet Explorer\Main TabProcGrowth = "0" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\URL SystemMgr = "Del" Other Details This Trojan connects to the following
downloads a file from a certain URL then renames it before storing it in the affected system. Installation This worm drops the following copies of itself into the affected system: %system%\36D0F1\2ADE6B.EXE
This Trojan connects to a malicious URL through via 443 to send information such as computer name, user name, IP address, and subnet mask among others. However, as of this writing, the said site is
Bulletin APSB08-13 Adobe Security Bulletin APSB08-19 Adobe Security Bulletin APSB09-04 Adobe Security Advisory APSA09-07 NOTES: If the URL is still accessible, it downloads a file and executes the following
This backdoor connects to a certain URL to send and receive commands from a remote malicious user. It is capable of executing the certain backdoor commands. It also performs a HTTP POST request.
executes the following commands from a remote malicious user: Download Files Remove Itself Send message to the affected system Get Operating System Information Execute Files Open a specific URL with Internet
generates a psuedorandom string to be used for the domain name of the URL it connects to. It does not have rootkit capabilities. It does not exploit any vulnerability. Trojan:JS/BlacoleRef.W (Microsoft),
Environment component to connect to a website and download possibly malicious files. The URL where this Trojan connects depends on the parameter passed on to it by its components. It does not have a rootkit
file and modifies it so that it runs the malware on system startup The patched driver is detected by Trend Micro as PE_TDSS.A. Encrypts the data and passes the information as parameter to the server URL
URL in which an updated copy or another malware can be downloaded. It saves this information to the following registry entry: HKEY_CLASSES_ROOT\idid url{number} = "{hex data}"
{BLOCKED}l.net/img/pt.png http://{BLOCKED}l.net/img/fr.jpg It saves the files it downloads using the following names: %System Root%\jamesdat.exe - detected as TROJ_AGENT.AUCU %System%\igfxtrai.exe - URL
connects to the following possibly malicious URL: {BLOCKED}.{BLOCKED}.185.211 NOTES: It may connect to the non-malicious URL http://www.msn.com/ . This Trojan connects to seemingly non-malicious URLs that
downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the following parameter(s) passed on to it by its components: size Exploit-FKJ
URL. The URL where this malware downloads the said file depends on the parameter passed on to it by its components. Information Theft This Trojan does not have any information-stealing capability. Other
file from a certain URL. The URL where this malware downloads the said file depends on the following parameter(s) passed on to it by its components: calf manu Other Details This Trojan requires its main
Field Bytecode Verifier Cache Remote Code Execution It downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the parameter passed on to it