Search
Keyword: os2first
Username OS Version and Product Name OS Architecture CRC32 of SID Information from the following applications: Web Browsers 360 Browser 360 Secure Browser Apple Safari Avant Browser Avast Secure Browser
This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain
This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain
number of file it enumerates {string5} - The build number of the compromised Windows OS It adds the following mutexes to ensure that only one of its copies runs at any one time: \BasedNameObjects
This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain
This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any
build number of the compromised Windows OS It adds the following mutexes to ensure that only one of its copies runs at any one time: \BasedNameObjects\ggvqxaolnldlD It injects codes into the following
Processor count Username Machine name OS version Total size of system drive Username OS Full Name, Version, and Architecture Malware's original filename → "ASGARD" Malware's last modification date True
is one of the following, it will not load one of its components named EnterpriseFrameworkDependencyInjectionContainer.class. It checks if OS is Windows. It OS is not Windows, it will create a directory
this exploit: Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux Adobe AIR before 18.0.0.144 on Windows and before
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
OS version Other Details This backdoor displays the following message boxes: NOTES: Where {directory} can be any of the following: %Application Data% %User Profile% %User Temp% It terminates itself if
This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes commands from a remote malicious user,
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the downloaded files. As a result, malicious
gathers the following data: OS Volume Serial UUID Computer Name User Name OS Caption OS Version Tag OS Screen Resoltuion JS.Backdoor.2.Gen (BITDEFENDER) Downloaded from the Internet Connects to URLs/IPs,
This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. However, as of this writing,
\Users\{user name}\AppData\Local\Temp on Windows Vista, 7, 8, 8.1, 2008(64-bit), 2012(64-bit) and 10(64-bit).) Information Theft This Trojan gathers the following data: Mac Address installed AV OS Version
moved to %User Temp\SEG\ip.txt %User Temp%\system_info.txt → contains system information. Later moved to %User Temp%\SEG\system_info.txt %User Temp%\uuid.txt → contains OS version, OS build number,
available on a web page hosted on another Russian domain. To entice users to download this fake app, the page claims that it is compatible with any Android OS version. Once users download and install this
This Trojan may be dropped by other malware. It executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system. It connects to certain