Search
Keyword: os2first
Details This Trojan Spy does the following: This malware looks for the following strings first before its executing malicious routine: fetuar agar agamento "sign ontinu inaliza cessa confirma ok ntra
opened, AutoCAD then loads and executes this malware. It first searches for the file BASE.DCL and looks for ACADDOC.LSP in the same folder where BASE.DCL is located. It also searches for the file
opened, AutoCAD then loads and executes this malware. It first searches for the file BASE.DCL and looks for ACADDOC.LSP in the same folder where BASE.DCL is located. It also searches for the file
Gandcrab ransomware, discovered near the end of January 2018, operates on a ransomware-as-a-service (RaaS) model. It is the first ransomware that demands payment in DASH cryptocurrency, which is more
The MegaCortex ransomware first appeared in January 2019 with few interesting attributes, including the use of a signed executable as part of the payload. It also appeared to offer security
following message boxes: It will overwrite the first sector (200 bytes) of the MBR then force the machine to shutdown Ransomware Routine This Ransomware encrypts files found in the following folders: %Desktop
following scheduled tasks: Task Name: NetworkTask Task Trigger: System startup & Every 10 minutes since first triggered Task Command: %Application Data%\WINYS\{Executed Malware File Name}.exe (Note:
Why the f* you took such photo?! Uses any of the following strings as first name: Adolfo Adolph Adrian Adrian Adriana Adrienne Agnes Agustin Ahmad Ahmed Aida Aileen Aimee Aisha Beulah Beverley Beverly
acad2006doc.lsp NOTES: This malware arrives to the system as an AutoLISP script bundled with a .DWG drawing file. Once the drawing file is opened, AutoCAD then loads and executes this malware. It first searches for
loads and executes this malware. It first searches for the file BASE.DCL and looks for ACADDOC.LSP in the same folder where BASE.DCL is located. It also searches for the file ACADDOC.LSP from where the
and 8.) Autostart Technique The scheduled task executes the malware every: Task Name: Msnetc Task Trigger: System startup & Every 10 minutes since first triggered. Task command: %Application Data%\ncssd
This cryptomining bot was seen spreading through Facebook Messenger and was first observed in South Korea. The malware is sent to victims posing as a video file but in reality is an AutoIt script.
collects the following information on an affected mobile device: Phone number Device ID SDK version Manufacturer Bluetooth name Time and date when app was first installed Presence of Softbank/Docomo/Au app
the first button will try to open the file twitchbooster.vbs Pressing the second button will execute the command shutdown -s -t 300 NOTES: This ransomware does not encrypt files. Dropped by other
first name and password automatically. The app uses umeng SDK for big data analysis. It is a bogus dating app and all information someone sends to the users and the voice chats are from a bot. The dating
Details This hacking tool does the following: Send reports to certain smtp servers when the first button is clicked: smtp.{user input}.com Generate an executable and .ini file when the second button is
NOTES: This malware may arrive by being written to the first sector of a hard disk by another malware. It can also arrive by connecting a clean hard disk to a system infected by this malware. It
manually installed by a user. Other Details This hacking tool uses the following user interfaces (UIs): It does the following: Send reports to certain smtp servers when the first button is clicked: smtp.
origin URL in the first argument to the DownloadImageFileURL method, and the local filename in the second argument. NOTE: some of these details are obtained from third party information. Black_ice,
allows remote attackers to cause a denial of service (probably winhlp32.exe crash) via a long first argument. NOTE: it is not clear whether this issue crosses privilege boundaries. Microsoft Office 2000