Search
Keyword: URL
request to the remote URL to download a file which it executes on the machine. It then sends the results of the executed file back to the remote server. Dropped by other malware Connects to URLs/IPs,
This Trojan Spy connects to the following Facebook URL to steal victim's information: https://secure.facebook.com/payments/settings/payment_methods/?__a=1
URL to steal victim's information: https://secure.facebook.com/payments/settings/payment_methods/?__a=1 https://www.facebook.com//bluebar/modern_settings_menu/ https://www.facebook.com/bookmarks/pages
('Net'+'.'+'Webc'+'lient'))).(('Downloadst'+'ri'+'ng')).InVokE((('http:'+'//{BLOCKED}'+'{BLOCKED}'+'{BLOCKED}'+'{BLOCKED}l.com/les'+'s.'+'da'+'t')))) It connects to the following URL to execute a malicious script: http://
said sites are inaccessible. Other Details This Exploit does the following: It connects to the following URL to execute a malicious script: https://a.{BLOCKED}o.{BLOCKED}e/wxbdpx.hta The malicious script
Socks proxy (port to use, IP address to allow, IP address to deny, User-Agent, view server info, end proxy service) List, add, delete, or modify a user account Download file from a URL Share a shell
Details This Trojan does the following: Executes a script from the URL http://{BLOCKED}u.com/3? - script that connects to the URLs mentioned above to download and execute a malicious file
OSX_WIRELURK.A) enables the malware to download an updated copy of itself from the server and save it as follows: /usr/local/machook/update/update.zip It connects to the following URL to retrieve a link of its
contains textbox for username/email and password. Upon clicking the "Download File" button on the pop-up window, the malware will connect to this malicious URL to send the stolen information (username and
contains textbox for username/email and password. Upon clicking the "Download File" button on the pop-up window, the malware will connect to this malicious URL to send the stolen information (username and
inaccessible. Other Details This Exploit does the following: It connects to the following URL to execute a malicious script: https://{BLOCKED}in.com/raw/{BLOCKED}bB The malicious script may contain the following
the following URL to download and execute arbitrary malicious code: http://{BLOCKED}.{BLOCKED}.227.242/qa.ph However, as of this writing the said site is inaccessible. Terminates running svchost.exe
inaccessible. Download Routine This Trojan downloads the file from the following URL and renames the file when stored in the affected system: http://www.{BLOCKED}a-fazendacnpj.info/01-12-2015/Mseserver.html
events Obtain promo offers and post them Comment on fanpage posts It connects to the following URL to generate click profits: http://{BLOCKED}s.{BLOCKED}g.us http://{BLOCKED}r.info/adlinks.php Here are
remote attackers to read arbitrary cookies via a crafted HTML document, as demonstrated by a URL with file://example.com/C:/ at the beginning. mozilla firefox 0.1,mozilla firefox 0.10,mozilla firefox
Trojan downloads the file from the following URL and renames the file when stored in the affected system: {BLOCKED}e.be/shop/misc/textarea.exe www.{BLOCKED}orship.org/images/index.exe It saves the files it
Trojan downloads the file from the following URL and renames the file when stored in the affected system: https://{BLOCKED}d.co.il/images/navigation.exe It saves the files it downloads using the following
malicious routines of the downloaded files are exhibited on the affected system. It downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the
from the following URL and renames the file when stored in the affected system: http://{BLOCKED}uxcanwu2ru.top/log.php?f=400 It saves the files it downloads using the following names: %User Temp%\{random
following URL and renames the file when stored in the affected system: http://{BLOCKED}eimdoctor.biz/1xxquux http://{BLOCKED}aauto.com/tyknnq http://{BLOCKED}aginas.com/kftx6100 http://{BLOCKED}ch.at/rp9uyjw6