Search
Keyword: chopper.ac!mtb
This report is generated via an automated analysis system. Trojan:Win32/Predator.BC!MTB [non_writable_container] (Microsoft); Trojan-AitInject.aq (McAfee); Trojan-PSW.Win32.Azorult.akre (Kaspersky);
generated via an automated analysis system. Trojan:Win32/AgentTesla.CA!MTB (Microsoft); Fareit-FQA!9F7DD816FAFE (McAfee); Trojan.Win32.VBKryjetor.cisb (Kaspersky); Mal/FareitVB-N (Sophos);
This report is generated via an automated analysis system. Trojan:Win32/Bunitu.PVM!MTB (Microsoft); Trojan-Banker.Win32.Qbot.uqg (Kaspersky); Troj/Qbot-FS (Sophos); Trojan.Win32.Generic!BT (Sunbelt)
!MTB (Microsoft); Trojan-Banker.Win32.Trickster.hxt (Kaspersky); Troj/Trickbo-VG (Sophos); Trojan.Win32.Generic!BT (Sunbelt)
malicious template file: https://{BLOCKED}.vg/keKOnZwv which will be redirected to https://{BLOCKED}in.com/5819734678713827 Exploit:O97M/CVE-2017-0199.RVFN!MTB (MICROSOFT) Downloaded from the Internet, Dropped
server to execute arbitrary commands from a remote user {BLOCKED}.{BLOCKED}.{BLOCKED}.74 Backdoor:Linux/Dakkatoni.az!MTB (MICROSOFT) Dropped by other malware, Downloaded from the Internet Connects to
Trojan:MSIL/AgentTesla.PK!MTB (MICROSOFT)
the following possibly malicious URL: {BLOCKED}l.com/j8Mq {BLOCKED}.{BLOCKED}.3.116/dhl_shipping/dhl.doc However, as of this writing, the said sites are inaccessible. Exploit:O97M/CVE-2017-0199.RV!MTB
}aumacentre.com:443 Trojan-Downloader.XLM.Agent (Ikarus), TrojanDownloader:O97M/Qakbot.AMDA!MTB (Microsoft)
full path} , DllRegisterServer (Note: %System% is the Windows system folder, where it usually is C:\Windows\System32 on all Windows operating system versions.) Trojan:Win32/Emotet.SM!MTB (MICROSOFT)
Characters}.zip NOTES: This Trojan does the following: It displays the following image to lure the user: TrojanDropper:HTML/Qakbot.RVA!MTB (MICROSOFT) Downloaded from the Internet, Dropped by other malware
Details This Rootkit does the following: It terminates processes using its Process ID (PID). Trojan:Win64/Rootkit.MA!MTB (MICROSOFT) Downloaded from the Internet, Dropped by other malware Terminates
\CurrentControlSet\ Services\Tcpip\Parameters It connects to the following possibly malicious URL: {BLOCKED}.{BLOCKED}.{BLOCKED}.143 Trojan:Win64/Farfli.AFA!MTB (MICROSOFT) Downloaded from the Internet, Dropped by
\Software\VB and VBA Program Settings\ Progresser2\outtradings Baakersrindu4 = "Toreado" This report is generated via an automated analysis system. Trojan:Win32/Fareit!MTB (Microsoft); Fareit-FSJ!F386256C498C
analysis system. Exploit:O97M/CVE-2017-11882.SS!MTB (Microsoft); Exp.CVE-2017-11882!g2 (Symantec); HEUR:Exploit.MSOffice.Generic (Kaspersky)
an automated analysis system. TrojanDownloader:O97M/Emotet.QV!MTB (Microsoft); W97M/Dropper.cu (McAfee)
an automated analysis system. TrojanDownloader:O97M/Emotet.TA!MTB (Microsoft); W97M/Downloader.afo, W97M/Downloader.ate (McAfee)
automated analysis system. Trojan:Win32/IStartSurf.MV!MTB (Microsoft); IStartSurf. (McAfee); Trojan.Win32.Biodata.fqxg (Kaspersky); Win32.Malware!Drop (Sunbelt)
the Windows system folder, where it usually is C:\Windows\System32 on all Windows operating system versions.) This report is generated via an automated analysis system. Backdoor:MSIL/Remcos!MTB