Search
Keyword: troj_cryptesla
It drops a copy of itself detected as TROJ_FRAUDPAC.ZB. This Trojan may be downloaded by other malware/grayware/spyware from remote sites. It may be unknowingly downloaded by a user while visiting
This Trojan takes advantage of certain software vulnerabilities to drop malicious files. Upon successfully exploiting the vulnerability, it drops a malicious file detected as TROJ_MALEX.AV. This
This is the Trend Micro detection for files that exhibit certain behaviors. Other Details This is the Trend Micro detection for: Malicious files which contain prepended codes in its malware body.
This Trojan uses social engineering methods to lure users into performing certain actions that may, directly or indirectly, cause malicious routines to be performed. it makes use of a specially
This is the Trend Micro detection for files that exhibit certain behaviors. Other Details This is the Trend Micro detection for: Files targeting Trend Micro OfficeScan Corporate Edition (OSCE)
This Trojan uses social engineering methods to lure users into performing certain actions that may, directly or indirectly, cause malicious routines to be performed. Specifically, it makes use of
Trend Micro has flagged this Trojan as noteworthy due to the increased potential for damage, propagation, or both, that it possesses. Specifically, this Trojan covers/block the user's desktop view.
This Trojan executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system. Installation This Trojan drops the following copies of itself
Arrival Details This Trojan may be downloaded from the following remote sites: http://{BLOCKED}t.com/sw/mssaezv/etsg.jar Other Details Based on analysis of the codes, it has the following
It executes the .DLL file, wintyes.dll , also detected as TROJ_TALERET.D, which is located in the %Temp% folder using RUNDLL32.EXE. This Trojan may arrive bundled with malware packages as a malware
This is the Trend Micro detection for files that exhibit certain behaviors. This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. Arrival
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It takes advantage of certain vulnerabilities. Arrival
It takes advantage of the vulnerabilities in Microsoft Office that could allow remote code execution (MS10-087). Once it successfully exploits the said vulnerability, it drops a file detected as
This malware takes advantage of a vulnerability in Microsoft Word with the way it handles specially crafted email messages in RTF format. To get a one-glance comprehensive view of the behavior of
This Trojan may be dropped by other malware. Arrival Details This Trojan may be dropped by the following malware: TROJ_MDROPPR.AH Installation This Trojan drops and executes the following files:
This Trojan may arrive as a file dropped by TROJ_TDSS.WIN. Its primary function is to log the Internet browsing activities of the user by keeping a record of keywords entered in search engines. It
This Trojan modifies certain registry entries. It connects to certain URL(s) to download its component file(s). It saves the files it downloads using certain file names. Trend Micro detects the
The reply from the said website contains a URL where a file can be downloaded: http://{BLOCKED}.{BLOCKED}.48.46/upfire.exe It then parses the reply to get the URL and downloads the file from the said
This is the Trend Micro detection for damaged variants of the TDSS malware family. Files detected as TROJ_TDSS.DAM are not capable of executing and cannot perform any malicious routines. NOTES:
It saves the downloaded file, which is detected as TROJ_FAKEAV.GXX in a specific folder. This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting