Search
Keyword: os2first
This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. However, as of this writing,
This is an AndroidOS malware with backdoor capabilities. It drops a file that creates an IRC connection where it receives commands, thus compromising the affected system's security for the user. It
This Trojan may be dropped by other malware. Arrival Details This Trojan may be dropped by the following malware: TROJ_DROPR.TYGS NOTES: It connects to the URL http://{BLOCKED}1.{BLOCKED
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the files it drops, prompting the affected
systems unlocked. Should the user pay the required amount of money, the attacker sends them a code to unlock the system. The OS resumes loading and the infected MBR removed. This Trojan arrives on a system
(OS) Type OS Version and build User's privilege level Protect itself from being tampered or deleted by hooking certain APIs. Modify the following files to make its removal more difficult: cipconfig.exe
This adware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This adware arrives on a system as a
downloading capability. Information Theft This worm gathers the following data: Windows OS version Machine Names / IP Adresses of computers in the network User names and passwords of network share accounts Drop
\Temp on Windows Vista and 7.) Information Theft This backdoor gathers the following data: Host Name Local IP Address Proxy Server (if any) Currently logged on user name System directory OS and System
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
?hwid={HWID}&pc={Host Name}&localip={Local IP Address}&winver={OS Version} Information Theft This backdoor gathers the following data: Hardware Identification (HWID) Host Name Local IP Address OS Version
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the files it drops, prompting the affected
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This spyware arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This malware is able to send an SMS to a Chinese premium number. As a result, affected users are charged without their knowledge. To get a one-glance comprehensive view of the behavior of this
with System and Read-only attributes: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Explorer\ Advanced Hidden = 2 (Note: The default value data of the said registry entry is 1 .)
values) Device locale setting Device brand Device manufacturer Device Model OS version SDK version These data are used as unique identifiers for the affected device. C&C URL: http://www.{BLOCKED
It connects to a specific site to send the system information. It connects to the following site to receive commands from a remote user. This Trojan may be dropped by other malware. Arrival Details
\Parameters ServiceDll = "%System%\midimapbits.dll" (Note: The default value data of the said registry entry is "%System%\qmgr.dll" .) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\BITS Start = "2" (Note:
Information Theft This Trojan gathers the following data: Computer Name OS version Service Pack Other Details This Trojan connects to the following URL(s) to get the affected system's IP address: