Search
Keyword: os2first
following data: Host Name Public IP Address Computer Name OS Version OS Platform User Accounts System Info(CPU, Memory, No. of Processors) Installed programs Services Other Details This backdoor connects to
disable the Task Manager: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Policies\ System DisableTaskMgr = "2" Backdoor Routine This Backdoor executes the following command(s) from a remote
following data: Computer Name OS Version Service Pack Other Details This Trojan connects to the following URL(s) to get the affected system's IP address: http://icanhazip.com/ It does the following: This
information and reports it to its servers: Language of affected system number of failed encrypted files number of encrypted files OS architecture (if 64bit) victim ID NOTES: This malware prevents to encrypt
This backdoor gathers the following information and reports it to its servers: Local IP Mac Address Size of RAM Country OS Name OS Version If User is Admin Java Version Trojan:Java/Adwind (Microsoft);
retrieves the country code by accessing the following URL: http://ip-api.com/json/?fields=countryCode It gathers the following information and reports it to its servers: List of encrypted files Windows OS
Language of affected system number of failed encrypted files number of encrypted files OS architecture (if 64bit) victim ID NOTES: This ransomware encrypts files in fixed, removable, RAM disk drives, and
encrypted files OS architecture (if 64bit) victim ID NOTES: It prevents to encrypt files containing any of the strings in its full path name: AppData Application Data Program Files temp $Recycle.Bin System
gathers the following information and reports it to its servers: Language of affected system number of failed encrypted files number of encrypted files OS architecture (if 64bit) victim ID NOTES: This
}dirom.ru/ls5/forum.php It posts the following information to its command and control (C&C) server: Machine GUID Computer Name Account Name Public IP Address OS Version The information are posted to the server in the
This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
smtp.sbcglobal.yahoo.com smtp.mail.yahoo.com smtp.live.com Backdoor Routine This backdoor executes the following commands from a remote malicious user: Download and execute files Retrieve Spam Configuration/Content Get OS
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This spyware may be unknowingly downloaded by a user while visiting malicious websites. It executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the
=e9e45de07d328e8d46adf4357840be5e&floor{random}&uid={value}&out={process id of executed downloaded file}&ver={version number} It displays the following message boxes: It does the following: Enumerates running processes Gets OS version