Search
Keyword: JS_PADODOR
JS_EXPLOIT.MEA loads this site where its component for decoding base64 can be found. This malicious script was inserted onto a legitimate website of the US Department of Labor and downloads a Poison
TROJ_DLDR.HB connects to this URL to download a file and saves it as %System%\logda.dat . This malware is involved in the cyber attacks that targeted specific users in South Korea during March of
JS_DLOADER.SMGA may be downloaded from this site. JS_DLOADER.SMGA exploits a CVE-2012-1875 vulnerability in Internet Explorer .
JS_DLOADER.SMGA connects to this site to download a malicious file detected as BKDR_AGENT.BCSG. JS_DLOADER.SMGA exploits a CVE-2012-1875 vulnerability.
JS_DLOADER.SMGA connects to this URL to download a malicious file detected as TROJ_AGENT.BCSH. JS_DLOADER.SMGA exploits a CVE-2012-1875 vulnerability in Internet Explorer .
When executed, TROJ_ADLOAD.YG connects to this malicious URL.
When executed, TROJ_ADLOAD.YG connects to this malicious URL.
When executed, TROJ_ADLOAD.YG connects to this malicious URL.
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
It resolves an IP address to download an updated copy of itself or another malicious file. The resolved IP address is in the following format: http://{date+data}.{resolved address}.com/get.php This
This description is based is a compiled analysis of several variants of TROJ_HILOTI. Note that specific data such as file names and registry values may vary for each variant. This Trojan arrives on a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be hosted on a website and run when a user
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It does not have any propagation routine. It does not have any backdoor routine. It
This is the Trend Micro detection for .JOB files that execute files detected as JS_QAKBOT. These files are components of the WORM_QAKBOT malware family. NOTES: This is the Trend Micro detection for
This backdoor may be dropped by other malware. It executes commands from a remote malicious user, effectively compromising the affected system. Arrival Details This backdoor may be dropped by the
This malicious script is noteworthy due to its use in what looks like a targeted attack via Webmail. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram
This Trojan may be hosted on a website and run when a user accesses the said website. This is the Trend Micro detection for Web pages that were compromised through the insertion of a certain IFRAME
This spyware may be dropped by other malware. It executes then deletes itself afterward. It connects to certain websites to send and receive information. Arrival Details This spyware may be dropped