Search
Keyword: Mal_SageCrypt
It drops and executes a file detected as BKDR_TDSS.JAS. This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It executes the
This Trojan may be dropped by other malware. It connects to certain URLs. It may do this to remotely inform a malicious user of its installation. It may also do this to download possibly malicious
This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It executes the downloaded files. As a result, malicious routines of the
It drops a copy of itself. It also drops a .SYS file detected as BKDR_TDSS.OW. It creates files in the last sector of the disk. This Trojan may be dropped by other malware. It may be unknowingly
It adds strings to the Windows HOSTS file. This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. However, as of this writing, the
Autostart Technique This Trojan adds the following registry entries to enable its automatic execution at every system startup: HKEY_CLASSES_ROOT\CLSID\{AFD4AD01-58C1-47DB-A404-FBE00A6C5486}
This Trojan connects to URLs to download other possibly malicious files and configuration files. It checks and reports to the URLs if certain processes are running on the system. This Trojan may be
This spyware is injected into all running processes to remain memory resident. It attempts to steal information, such as user names and passwords, used when logging into certain banking or
This worm arrives by connecting affected removable drives to a system. It deletes registry entries, causing some applications and programs to not function properly. It drops an AUTORUN.INF file to
This worm arrives by connecting affected removable drives to a system. It drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives of an affected system.
This worm drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives of an affected system. It deletes itself after execution. Installation This worm drops
This worm arrives by connecting affected removable drives to a system. It drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives of an affected system.
This worm propagates by sending messages containing links to sites where it can be downloaded. It scans the infected system for email addresses and then sends the stolen information to a server via
This Trojan is a configuration file dropped by variants of WORM_QAKBOT malware. It contains the following information: URL where it can download an updated copy of its configuration file. FTP and IRC
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan deletes itself after execution. Installation This Trojan drops the following copies of itself into the affected system: %System%\{random filename}.exe (Note: %System% is the Windows
This spyware is injected into all running processes to remain memory resident. It attempts to steal information, such as user names and passwords, used when logging into certain banking or
This Backdoor may be dropped by TROJ_DLLSERV.AE. Its main component registers this malicious .DLL file as a service by creating registry entries. It opens Port 8883, where it listens for remote
This worm drops copies of itself in all removable drives. It drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives of an affected system. Installation
This worm executes then deletes itself afterward. It is injected into all running processes to remain memory resident. It modifies registry entries to hide files with System and Read-only attributes.