Keyword: URL
43774 Total Search   |   Showing Results : 2221 - 2240
The URL where this malware downloads the said file depends on the following parameter(s) passed on to it by its components: igAGgYDI lKnm jkfcQz Other Details This Trojan requires its main component to
downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the following parameter(s) passed on to it by its components: val prime Other Details This
result, malicious routines of the downloaded files are exhibited on the affected system. NOTES: This malware connects to the following URL http://{BLOCKED}.{BLOCKED}.49.18/img?k=316serena123456aaaac&v=1 to
This Trojan may arrive bundled with malware packages as a malware component. It may be hosted on a website and run when a user accesses the said website. It downloads a file from a certain URL then
\Local Settings\Temp on Windows 2000, XP, and Server 2003, or C:\Users\{user name}\AppData\Local\Temp on Windows Vista and 7.) It downloads a possibly malicious file from a certain URL. The URL where this
files. As a result, malicious routines of the downloaded files are exhibited on the affected system. It downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said
download its configuration file: http://{BLOCKED}n.com/jck/cfg.bin Its configuration file contains the following information: List of strings it will monitor usually related to banking URL to send stolen
from a certain URL. The URL where this malware downloads the said file depends on the parameter passed on to it by its components. Other Details This Trojan executes the downloaded file using the
TROJ64_INSTOL.USR passes the encrypted URL to this DLL component. This DLL component has only one export function named ExportFunc which is repeatedly executed. Dropped by other malware, Downloaded from the Internet,
arbitrary file [UDP] - Starts UDP Flooding [OpenURL] - Opens a URL using a hidden browser [SYN] Sends a SYN Flood [Get] Sends GET floods [Post] Sends POST floods Other Details This backdoor uses the following
result, malicious routines of the downloaded files are exhibited on the affected system. It downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends
then executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system. It downloads a possibly malicious file from a certain URL. The URL where
{Malware Path and Filename}" Backdoor Routine This backdoor executes the following commands from a remote malicious user: udp: Start UDP flood syn: Send SYN flood exec: Perform remote shell openurl: Open URL
files. As a result, malicious routines of the downloaded files are exhibited on the affected system. It downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said
\Documents and Settings\{user name} on Windows 2000, XP, and Server 2003, or C:\Users\{user name} on Windows Vista and 7.) It downloads a possibly malicious file from a certain URL. The URL where this malware
HKEY_CURRENT_USER\Software\Microsoft\ Internet Explorer\Main TabProcGrowth = "0" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\URL SystemMgr = "Del" Other Details This Trojan connects to the following
Bulletin APSB08-13 Adobe Security Bulletin APSB08-19 Adobe Security Bulletin APSB09-04 Adobe Security Advisory APSA09-07 NOTES: If the URL is still accessible, it downloads a file and executes the following
file and modifies it so that it runs the malware on system startup The patched driver is detected by Trend Micro as PE_TDSS.A. Encrypts the data and passes the information as parameter to the server URL
{BLOCKED}l.net/img/pt.png http://{BLOCKED}l.net/img/fr.jpg It saves the files it downloads using the following names: %System Root%\jamesdat.exe - detected as TROJ_AGENT.AUCU %System%\igfxtrai.exe - URL
URL in which an updated copy or another malware can be downloaded. It saves this information to the following registry entry: HKEY_CLASSES_ROOT\idid url{number} = "{hex data}"