Search
Keyword: troj_sconato.a
This Trojan may arrive bundled with malware packages as a malware component. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain websites to send and receive
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It requires being executed with a specific
This malware is involved in the Master Boot Record (MBR) wiper outbreak that targeted users in South Korea during March of 2013. It drops and executes malware on affected systems, including a
This malware is the final payload of a USTEAL variant that was reported on late April 2014. It encrypts certain files detected on the affected system and demands the user pay the ransom to have them
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the downloaded files. As a result, malicious
This ransomware specifically targets Turkish users. It arrives as a spammed message informing users about a billing invoice update. Once users clicked the links, it leads to the download of a
This Trojan may arrive bundled with malware packages as a malware component. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting
This ransomware uses Windows PowerShell to encrypt files. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram shown below. This Trojan arrives on a
This DLL file acts as a notify object DLL used by TROJ_GORIADU.SMM (NDIS Intermediate driver), which contains specific parameters and configuration information. This Trojan may be dropped by other
Trend Micro has flagged this Trojan as noteworthy due to the increased potential for damage, propagation, or both, that it possesses. Specifically, it poses as a rogue antivirus software. To get a
It connects to websites to download and execute a malicious file detected as TROJ_LETHIC.SMC. It then executes the downloaded files. As a result, malicious routines of the downloaded files are
Trend Micro to let users download and install a malicious package that purports to come from a legitimate antivirus company. To get a one-glance comprehensive view of the behavior of this Trojan, refer to
the following registry keys to install itself as a Browser Helper Object (BHO): HKEY_CLASSES_ROOT\CLSID\{random CLSID} HKEY_CLASSES_ROOT\PROTOCOLS\Filter\ text/html It registers itself as a BHO to
It drops component files that Trend Micro also detects as TROJ_FAKEAV.CAC. This Trojan may be downloaded by other malware/grayware/spyware from remote sites. It may be unknowingly downloaded by a
http://sjc1-te-cmsap1.sdi.trendnet.org/dumpImages/116201052824.jpeg Background of the Attack In a
recent spam run, TrendLabs SM engineers came across samples
of spammed messages using the
http://sjc1-te-cmsap1.sdi.trendnet.org/dumpImages/206201065435.jpeg How do users get this Web threat? Systems get infected by various binaries once users visit any site injected with a malicious
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. However, as of this writing, the said sites are
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It arrives as a component bundled with malware/grayware
This Trojan is hosted on a website and takes advantage of a vulnerability in CoreGraphics (CVE-2011-0226) and IOMobileFrameBuffer (CVE-2011-0227) of iOS to aid in jailbreaking an iPhone, iPad, or