Search

\xmldsig-core-schema_v1.01.xsd %System Root%\ALS3\libeay32.dll %System Root%\ALS3\ssleay32.dll %System Root%\ALS3\CTE\Pasta com os CTEs mensais.txt %System Root%\ALS3\XML\Pasta de processamento.txt %System Root%\ALS3\ALS3A.exe

{string1}{string2} Start = 2 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\{string1}{string2} ErrorControl = 0 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\{string1}{string2} DisplayName =

advantage of the following software vulnerabilities to drop malicious files: CVE-2017-8464 Information Theft This Worm gathers the following data: User Credentials OS Version User Name Domain Name Other

Computer Username Domain Information Graphics Card Information GUID MAC Address OS Information Other Details This Worm does the following: It deletes the following scheduled tasks: AdobeFlashPlayer

CVE-2010-2204 Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute

{string1}{string2} Start = 2 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\{string1}{string2} ErrorControl = 0 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\{string1}{string2} DisplayName =

\CurrentControlSet\ Services\{string1}{string2} Type = 16 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\{string1}{string2} Start = 2 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\{string1}{string2}

Start = 2 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\{string1}{string2} ErrorControl = 0 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\{string1}{string2} DisplayName = {string1}{string2

This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This

" "shell_scripts/check_if_cscript_is_working.js" cscript "shell_scripts/check_if_cscript_is_working.js" "%System%\PING.EXE" 8.8.8.8 -n 2 -w 500 ping 8.8.8.8 -n 2 -w 500 "%System%\cscript.exe" shell_scripts/shell_ping_after_close.js "http://i-50.

Start = 2 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\{string1}{string2} ErrorControl = 0 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\{string1}{string2} DisplayName = {string1}{string2

\SYSTEM\ControlSet001\ services\{string1}{string2} Type = 16 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ services\{string1}{string2} Start = 2 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ services\{string1}

xy3 xyp xyw y yal ybk yml ysp z3d zabw zdb zdc zif zw It deletes the initially executed copy of itself It gathers the following information and reports it to its servers: OS version IP address List of

xy3 xyp xyw y yal ybk yml ysp z3d zabw zdb zdc zif zw It deletes the initially executed copy of itself It gathers the following information and reports it to its servers: OS version IP address List of

CVE-2009-3955 Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted JPC_MS_RGN marker in the Jp2c stream

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This

Type = "16" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ services\{string1}{string2} Start = "2" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ services\{string1}{string2} ErrorControl = "0" HKEY_LOCAL_MACHINE

This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be manually installed

CVE-2009-3958 Buffer overflow in the Download Manager in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow attackers to execute arbitrary code via

CVE-2009-3956 The default configuration of Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, does not properly support the Enhanced Security feature, which has