Search
Keyword: os2first
%AppDataLocal%\{String1}{String2}\{String1]{String2}.exe" Information Theft This Trojan Spy gathers the following data: Computer Name System Locale OS Version Running Processes Other Details This Trojan Spy
Trojan Spy does not have rootkit capabilities. Information Theft This Trojan Spy gathers the following data: Computer Name Process SessionId OS Version Running Processes File CRC Processor Architecture
This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It injects its dropped file/component to specific
This adware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This adware arrives on a system as a
This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It uses the Windows Task Scheduler to add a
gathers the following data: Computer Name Process SessionId OS Version Running Processes File CRC Processor Architecture Other Details This Trojan Spy does the following: It creates the service for
Trojan Spy gathers the following data: Computer Name Process SessionId OS Version Running Processes File CRC Processor Architecture Other Details This Trojan Spy does the following: It creates the service
\ControlSet001\ services\{string1}{string2} Start = 2 HKEY_LOCAL_MACHINE\System\ControlSet001\ services\{string1}{string2} ErrorControl = 0 HKEY_LOCAL_MACHINE\System\ControlSet001\ services\{string1}{string2}
CVE-2010-1297 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS
CVE-2010-0192 Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute
" "shell_scripts/check_if_cscript_is_working.js" cscript "shell_scripts/check_if_cscript_is_working.js" "%System%\PING.EXE" 8.8.8.8 -n 2 -w 500 ping 8.8.8.8 -n 2 -w 500 "%System%\cscript.exe" shell_scripts/shell_ping_after_close.js "http://i-50.
Theft This Trojan gathers the following data: Computer Name User Name Logon Domain Serial Number of Drive C:\ IP Address OS Version Number of Processors Other Details This Trojan connects to the following
\"Zoolz 2 Service Backups\" sc stop MSSQLServerADHelper /y sc stop SQLAgent$PROD /y sc stop msftesql$PROD /y sc stop NetMsmqActivator /y sc stop EhttpSrv /y sc stop ekrn /y sc stop ESHASRV sc stop MSSQL
AntivirusDisableNotify = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Explorer\ Advanced Hidden = "2" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\policies NoDispCPL = "1
following registry entries: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ services\{string1}{string2} Type = "16" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ services\{string1}{string2} Start = "2" HKEY_LOCAL_MACHINE
registry entries: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ services\{string1}{string2} Type = "16" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ services\{string1}{string2} Start = "2" HKEY_LOCAL_MACHINE\SYSTEM
registry entries: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ services\{string1}{string2} Type = "16" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ services\{string1}{string2} Start = "2" HKEY_LOCAL_MACHINE\SYSTEM
pictures\\ \\public\\videos\\sample videos\\ \\tor browser\\ Avoids infecting system with the following OS Language Code: 1049 - Russian 1058 - Ukrainian 1059 - Belarusian 1064 - Tajik (Cyrillic) 1067 -
CVE-2010-3654 Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or
Information Theft This Trojan Spy gathers the following data: Machine Name System Locale OS Version Running Processes Other Details This Trojan Spy connects to the following website to send and receive