Search
Keyword: os2first
\ TestApp OSCaption = {Infected machine OS version} HKEY_CURRENT_USER\Software\Microsoft\ TestApp OSArchitecture = {32 or 64 bit} HKEY_CURRENT_USER\Software\Microsoft\ TestApp IsAdmin = {1 or 0, checks if
dependent directory}\capbepfn.exe {OS dependent directory}\azlwpsbcwya.exe %User Temp%\i5wfyrpl{random characters}.exe %Temp%\i5wfyrpl{random characters}.exe - for Windows OS other than Vista and 7 (Note:
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This spyware may be manually installed by a user. Arrival Details This spyware may be manually installed by a user. Installation This spyware drops the following files: %All Users Profile%
This Hacking Tool arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Hacking Tool arrives on a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the downloaded files. As a result, malicious
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This malware is the final payload to the recent BlackEnergy targeted attacks that affected industries in Ukraine. The threat actors behind this attack normally use Excel files as part of their social
To get a one-glance comprehensive view of the behavior of this Backdoor, refer to the Threat Diagram shown below. This backdoor may be dropped by other malware. It executes commands from a remote
This Point-of-Sales (PoS) reconnaissance malware checks if the infected system is part of a PoS network or if it is a PoS machine. An attack uses Angler Exploit Kit to spread this PoS malware. In
the following processes: if OS is 32-bit: powershell {base-64 encoded} → deletes shadow copies if OS is 64-bit: cmd "/c vssadmin.exe Delete Shadows /All /Quiet & bcdedit /set {default}
OS X,Adobe Flash Player 13.0.0.277 and earlier on Windows and OS X Apply associated Trend Micro DPI Rules. 1006636| 1006636 - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2015-0349)
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
CVE-2010-3804 The JavaScript implementation in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, uses a weak algorithm for generating
Autostart Technique The scheduled task executes the malware every: One System CarePeriod One System Care Monitor One System Care Run Delay One System Care Task Dropping Routine This Potentially
CVE-2010-1770 WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before 4.1 on Mac OS X 10.4, and Google Chrome before 5.0.375.70 does not properly handle a