Search
Keyword: URL
downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system. It downloads a possibly malicious file from a certain URL. The URL where this malware downloads
malware/grayware or malicious users. Installation This Trojan drops and executes the following files: %User Temp%\ooJHggggcgjc.vbs -> capable of connecting to a possibly malicious URL to download a file (Note: %User
without httPort and headless ./{numbers} -c Process that uses the following URL and Ports: {BLOCKED}.{BLOCKED}.55.86:443 {BLOCKED}.{BLOCKED}.65.238 {BLOCKED}.{BLOCKED}.52.87 :433 :23 :443 :143 :2222
HeartbeatTime = {Random number} Other Details This Adware does the following: It gets information from the following URL via HTTP GET: http://app.{BLOCKED}u.com/Offers?url=silent%20download&id={Random numbers
Password: root admin admin123 huigu309 xc3511 vizxv It is capable of dropping downloader binaries depending on the system architecture. The dropped binary accesses the following URL to download its payload:
Framework Metaclass.Java URL Remote Code Execution Apache CouchDB Remote Code Execution Exim Remote Code Execution Nexus Repository Manager 3 Remote Code Execution Atlassian JIRA Template Injection
}o.com/Default.jsp -> redirects to the 2nd URL https://www.{BLOCKED}mains.com/domain_profile.cfm?d=wesogo&e=com Trojan.MauvaiseRI.S5253068(QUICKHEAL); Downloaded from the Internet, Dropped by other malware
Party Poker Paypal Poker Stars Skrill It connects to the following URL to test the network speed: https://www.{BLOCKED}oject.com It connects to the following URLs to get the public IP address and ISP
authenticate to a Google Sheets API and access a malicious Google spreadsheet. It sends and stores the gathered information to the following malicious Google spreadsheet URL via HTTP PUT method: https://{BLOCKED
"ldap.bigfoot.com" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\Bigfoot LDAP URL = "http://www.{BLOCKED}t.com" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts
" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\Bigfoot LDAP URL = "http://www.{BLOCKED}t.com" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\Bigfoot LDAP Search
Manager\Accounts\Bigfoot LDAP URL = "http://www.{BLOCKED}t.com" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\Bigfoot LDAP Search Return = "64" HKEY_CURRENT_USER\Software\Microsoft
\Accounts\Bigfoot LDAP URL = "http://www.{BLOCKED}t.com" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\Bigfoot LDAP Search Return = "64" HKEY_CURRENT_USER\Software\Microsoft
Manager\Accounts\Bigfoot LDAP Server = "ldap.bigfoot.com" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\Bigfoot LDAP URL = "http://www.{BLOCKED}t.com" HKEY_CURRENT_USER\Software
" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\Bigfoot LDAP Server = "ldap.bigfoot.com" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\Bigfoot LDAP URL = "http://www.