Keyword: chopper.ac!mtb
Trojan does the following: The document contains the following message details luring users to enable macro content: TrojanDownloader:O97M/Obfuse.NO!MTB (Microsoft); Trojan-Downloader.VBA.Emotet (Ikarus)
{malware file path and name} This report is generated via an automated analysis system. Trojan:Win32/CryptInject.PVDS!MTB (Microsoft); Emotet-FLI!9409B2B42A85 (McAfee); Trojan-Banker.Win32.Qbot.hpg
Ransom:MSIL/Sapphire.DEA!MTB (MICROSOFT); HEUR:Trojan.MSIL.Diztakun.gen (KASPERSKY) Downloaded from the Internet Displays message/message boxes, Encrypts files
is the Windows system folder, where it usually is C:\Windows\System32 on all Windows operating system versions.) This report is generated via an automated analysis system. Trojan:Win32/Predator.BC!MTB
report is generated via an automated analysis system. Trojan:Win32/Predator.BC!MTB [non_writable_container] (Microsoft); Trojan-AitInject.aq (McAfee); Trojan.Win32.Gorgon.byh (Kaspersky)
following files: {malware file path and name} This report is generated via an automated analysis system. Trojan:Win32/TrickBot.PVK!MTB (Microsoft); GenericRXJH-ZH!6483D96EF719 (McAfee);
TrojanDownloader:O97M/Emotet.QU!MTB (Microsoft); Trojan-Downloader.VBA.Emotet (Ikarus)
}t.info/clickandbuilds/mV8Sn/ http://{BLOCKED}apduochanoi.info/wp-admin/w3pg1ny/ TrojanDownloader:O97M/Emotet.UH!MTB (Microsoft); Trojan-Downloader.VBA.Emotet (Ikarus)
generated via an automated analysis system. Trojan:Win32/TrickBot.ARJ!MTB (Microsoft); GenericRXJJ-VH!B13F75E0D743 (McAfee); Trojan-Banker.Win32.Trickster.hvd (Kaspersky); Trojan.Win32.Generic!BT (Sunbelt)
This report is generated via an automated analysis system. Trojan:Win32/Skeeyah.HK!MTB (Microsoft); GenericRXIU-PF!92F54D201C60 (McAfee); Trojan-PSW.Win32.Azorult.acjj (Kaspersky); Trojan.Win32.Generic
system. Trojan:Win32/Delf.A!MTB (Microsoft); Trojan.Win32.Delf.tind (Kaspersky); Mal/Generic-L (Sophos); Win32.Malware!Drop (Sunbelt)
the following possibly malicious URL: {BLOCKED}cids.com/koorsh/soogar.php?l=sprivy1.cab However, as of this writing, the said sites are inaccessible. TrojanDownloader:O97M/Ursnif.AY!MTB (MICROSOFT);
Trojan:Win32/Emotet.C!MTB (Microsoft); Trickbot-FWN!6DF8F73ED1E1 (McAfee); Trojan-Dropper.Win32.Dapato.pyyj (Kaspersky); Mal/EncPk-APC (Sophos); Trojan.Win32.Generic!BT (Sunbelt)
(64-bit) and 10(64-bit).) This report is generated via an automated analysis system. Trojan:Win32/AutoitInject.BH!MTB (Microsoft); Trojan-AitInject.aq (McAfee); HEUR:Trojan.MSOffice.Generic (Kaspersky);
Windows system folder, where it usually is C:\Windows\System32 on all Windows operating system versions.) This report is generated via an automated analysis system. Trojan:Win32/Predator.BC!MTB
files it downloads using the following names: %User Temp%vido.com %User Temp%sfera %User Temp%dKNP.com As of this writing, the said sites are inaccessible. TrojanDownloader:O97M/Powdow.ARJ!MTB (MICROSOFT
}\AppData\Local\Temp on Windows Vista, 7, 8, 8.1, 2008(64-bit), 2012(64-bit) and 10(64-bit).) This report is generated via an automated analysis system. Trojan:Win32/Trickbot.KMG!MTB (Microsoft)
C:\Users\{user name}\AppData\Local\Temp on Windows Vista, 7, 8, 8.1, 2008(64-bit), 2012(64-bit) and 10(64-bit).) This report is generated via an automated analysis system. Trojan:Win32/Ursnif.A!MTB
string} = "{random characters}" This report is generated via an automated analysis system. Trojan:Win32/Injector.AJ!MTB (Microsoft); Fareit-FQB!7E60190E85C8 (McAfee); Backdoor.Win32.Remcos.izk (Kaspersky);
{BLOCKED}m.br/wp-admin/js/main/apos.exe This report is generated via an automated analysis system. TrojanDownloader:O97M/Betabot.A!MTB (Microsoft); LooksLike.Macro.Malware.gen!x3 (v) (Sunbelt)