Search
Keyword: troj_crypctb
Installation This Trojan drops the following files: %User Temp%\Temp\notpad.exe - also detected as TROJ_HIDFILE.INF %User Temp%\Temp\RGZ DECODER.EXE - non-malicious file (Note: %User Temp% is the
This malware takes advantage of certain vulnerabilities to propagate. This Trojan arrives as attachment to mass-mailed email messages. It executes the dropped file(s). As a result, malicious routines
It enables the OS continue booting without crashing by replicating a particular system library. It is a component file of BKDR_TDSS. It is also responsible for loading the other component file,
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It may be dropped by other malware. It executes the files it drops, prompting the affected
This Trojan arrives as attachment to mass-mailed email messages. It connects to certain URLs. It may do this to remotely inform a malicious user of its installation. It may also do this to download
This Trojan has coding errors that prevent it from running its malicious routines. NOTES: Based on analysis of the codes, it has the following capabilities: This is the detection of Trend Micro for
It drops a .SYS file, which is an encrypted file decrypted by its main component in memory to perform its intended routine. When successfully installed on the affected system, it may connect to the
Other Details This Trojan does the following: It is a trojanized EXPLORER.EXE file modified by a malware detected by Trend Micro as TROJ_BAMITAL.QUE. It serves as an autostart file by loading the
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the dropped file(s). As a result, malicious
Once a malware successfully exploits the said vulnerability, it causes certain actions to be done on the system. Installation This Trojan drops the following non-malicious file: c:\{ascii characters
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies system files, disabling system programs from
This malicious .DLL file monitors the address bar of Internet Explorer and checks if the user tries to visit websites with certain strings. If the website contains any of the above-mentioned strings,
However, as of this writing, the said sites are inaccessible. It executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system. Installation
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It executes the downloaded files. As a result, malicious routines of the downloaded files
This Trojan may be downloaded by other malware/grayware/spyware from remote sites. It may be dropped by other malware. It modifies the user's Internet Explorer home page into a certain website. This
This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It executes the dropped file(s). As a result, malicious routines of the
This Trojan may be downloaded from remote sites by other malware. It displays fake alerts that warn users of infection. It also displays fake scanning results of the affected system. It then asks for
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It may be dropped by other malware. It may be unknowingly downloaded by a user while
This Trojan may be dropped by other malware. Arrival Details This Trojan may be dropped by the following malware: TROJ_WALEDAC.AIR Autostart Technique This Trojan adds the following registry entries
This Trojan may be downloaded by other malware/grayware from remote sites. Arrival Details This Trojan may be downloaded by the following malware/grayware from remote sites: TROJ_DLDER.AU It may be