Search
Keyword: tspy_zbot.ccm
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This spyware arrives on a system as a
Installation This spyware drops the following copies of itself into the affected system: %Application Data%/{random letters}/(random letters).exe (Note: %Application Data% is the Application Data
This is the download URL of TSPY_ZBOT.CGT, TSPY_ZBOT.ZQS and TSPY_ZBOT.CYR.
TSPY_ZBOT.CGT, TSPY_ZBOT.ZQS and TSPY_ZBOT.CYR access this site to download their configuration file.
TSPY_ZBOT.CGT, TSPY_ZBOT.ZQS and TSPY_ZBOT.CYR access this site to download their configuration file.
TSPY_ZBOT.CGT, TSPY_ZBOT.ZQS and TSPY_ZBOT.CYR access this site to download their configuration file.
TSPY_ZBOT.CGT, TSPY_ZBOT.ZQS and TSPY_ZBOT.CYR access this site to download their configuration file.
TSPY_ZBOT.CGT, TSPY_ZBOT.ZQS and TSPY_ZBOT.CYR access this site to download their configuration file.
TSPY_ZBOT.CGT, TSPY_ZBOT.ZQS and TSPY_ZBOT.CYR access this site to download their configuration file.
TSPY_ZBOT.BRF, TSPY_ZBOT.BRH and TSPY_ZBOT.BRK arrive as a file downloaded from this URL.
TSPY_ZBOT.BRF, TSPY_ZBOT.BRH and TSPY_ZBOT.BRK send the gathered information via HTTP POST to this URL.
TSPY_ZBOT.BRF, TSPY_ZBOT.BRH and TSPY_ZBOT.BRK access the following sites to download its configuration file.
This Trojan displays a page that prompts users to click two hyperlinks in its body. This Trojan arrives as attachment to mass-mailed email messages. This is the Trend Micro detection for files that
This spyware attempts to steal information, such as user names and passwords, used when logging into certain banking or finance-related websites. Infection Points This spyware arrives as a file
This spyware attempts to steal sensitive online banking information, such as user names and passwords. This routine risks the exposure of the user's account information, which may then lead to the
Installation This Trojan adds the following folders: %Windows%\efee3f32f (Note: %Windows% is the Windows folder, which is usually C:\Windows or C:\WINNT.) Autostart Technique This Trojan modifies the
This spyware attempts to steal sensitive online banking information, such as user names and passwords. This routine risks the exposure of the user's account information, which may then lead to the
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the downloaded files. As a result, malicious
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes then deletes itself afterward. It executes
This spyware attempts to steal sensitive online banking information, such as user names and passwords. This routine risks the exposure of the user's account information, which may then lead to the