Search
Keyword: HTML_FPSYME
This Trojan may be downloaded by other malware/grayware from remote sites. Arrival Details This Trojan may be downloaded by the following malware/grayware from remote sites: HTML_SHELLLOAD.B It may
This Trojan attempts to steal sensitive online banking information, such as user names and passwords. This routine risks the exposure of the user's account information, which may then lead to the
This Trojan attempts to steal sensitive online banking information, such as user names and passwords. This routine risks the exposure of the user's account information, which may then lead to the
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It takes advantage of software vulnerabilities in certain software to drop malicious
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It attempts to steal sensitive online banking information, such as user names and
This spyware attempts to steal information, such as user names and passwords, used when logging into certain banking or finance-related websites. Arrival Details This spyware may be downloaded from
This spyware attempts to steal information, such as user names and passwords, used when logging into certain banking or finance-related websites. Arrival Details This spyware may be unknowingly
This spyware arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It is injected into all running processes to remain memory resident. It attempts to steal
This spyware attempts to steal information, such as user names and passwords, used when logging into certain banking or finance-related websites. Infection Points This spyware arrives as a file
This spyware attempts to steal information, such as user names and passwords, used when logging into certain banking or finance-related websites. Arrival Details This spyware may be downloaded from
This spyware may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It creates folders where it drops its files. It may be injected into
This spyware may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It creates folders where it drops its files. It modifies the Internet
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies registry entries to disable various system
This worm drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives of an affected system. It modifies the user's Internet Explorer home page into a
Messenger messages Insert iframe tags into HTML files Visit a Web page Create processes Block DNS Redirect domains Steal login credentials Log in to FTP sites It connects to the following URL(s) to send and
to the said servers to get encrypted data, which when decrypted, contains HTML inject codes and target URLs which are mostly bank-related websites: cgi-bin/options.cgi?user_id=3397599756&version_id
file. The URL where it downloads the file which may be base64 encoded is usually indicated in the HTML param tag. Downloads files
file. The URL where it downloads the file is usually indicated in the HTML param tag. Save the downloaded file in the current user's Temp folder
This JavaScript has received attention from independent media sources and/or other security firms. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. As of this writing, the said sites are inaccessible. This is the Trend Micro detection for