Search
Keyword: Mal_SageCrypt
This Trojan terminates itself if it detects it is being run in a virtual environment. Installation This Trojan terminates itself if it finds the following processes in the affected system's memory:
This Trojan may arrive as a file dropped by TROJ_TDSS.WIN. Its primary function is to log the Internet browsing activities of the user by keeping a record of keywords entered in search engines. It
This worm drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives of an affected system. Installation This worm drops the following copies of itself
This Trojan deletes itself after execution. Installation This Trojan drops the following copies of itself into the affected system: %Windows%\Help\2ACE4CFBAF2C.exe (Note: %Windows% is the Windows
This worm drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives of an affected system. It connects to a website to send and receive information.
This Trojan connects to certain websites to send and receive information. Installation This Trojan drops the following copies of itself into the affected system: %System%\{random}.exe (Note: %System%
This worm drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives of an affected system. It opens a random port to allow a remote user to connect to the
This spyware may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It creates folders where it drops its files. It modifies the Internet
This spyware is injected into all running processes to remain memory resident. It attempts to steal information, such as user names and passwords, used when logging into certain banking or
This spyware is injected into all running processes to remain memory resident. It attempts to steal information, such as user names and passwords, used when logging into certain banking or
This worm arrives by connecting affected removable drives to a system. It may be unknowingly downloaded by a user while visiting malicious websites. It drops an AUTORUN.INF file to automatically
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops copies of itself
It displays a window upon execution. It sends ICMP PING requests to a series of IP addresses and scans for port 4899 to check if those IP addresses have RADMIN service running. Once successful, it
This backdoor may be dropped by other malware. Arrival Details This backdoor may be dropped by other malware. Installation This backdoor drops the following copies of itself into the affected system:
This backdoor modifies registry entries to disable various system services. This action prevents most of the system functions to be used. It connects to a website to send and receive information.
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It may be dropped by other malware. It may be unknowingly downloaded by a user while
This malware is a new LICAT variant that uses a different key for its domain generation algorithm. To get a one-glance comprehensive view of the behavior of this File infector, refer to the Threat
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan may be unknowingly downloaded by a user while visiting malicious websites. It connects to certain URLs. It may do this to remotely inform a malicious user of its installation. It may also
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a