Search
Keyword: microsoft internet explorer
path and file name}.docx Other System Modifications This Trojan modifies the following file(s): %Application Data%\Microsoft\Office\Word12.pip (Note: %Application Data% is the current user's Application
\Microsoft\Office\Word12.pip (Note: %Application Data% is the current user's Application Data folder, which is usually C:\Documents and Settings\{user name}\Application Data on Windows 2000(32-bit), XP, and
\Microsoft\Office\Word12.pip (Note: %Application Data% is the current user's Application Data folder, which is usually C:\Documents and Settings\{user name}\Application Data on Windows 2000(32-bit), XP, and
(CVE-2019-11043) Web Server IIS 1010115* - Microsoft Windows WebDAV Path Parsing Command Injection Remote Code Execution Vulnerability Integrity Monitoring Rules: There are no new or updated Integrity Monitoring
(CVE-2022-36804) DCERPC Services - Client 1011517* - Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (DogWalk) Over SMB (CVE-2022-34713) HP Intelligent Management Center (IMC)
Web Panel Multiple SQL Injection Vulnerabilities DCERPC Services - Client 1011436 - Microsoft Windows RPC Remote Code Execution Vulnerability (CVE-2022-26809) Web Application Common 1010199* - Microsoft
adds the following registry entries to enable its automatic execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run Windows NT Service = "%Application Data%
(BitDefender), TrojanDownloader:Win32/Upatre!rfn (Microsoft), Trojan-Downloader.Win32.Upatre.vry (Kaspersky) Dropped by other malware, Downloaded from the Internet Connects to URLs/IPs, Downloads
Downloader.Upatre!gen5 (Symantec); Troj/Upatre-KU (Sophos); Trojan.Upatre.AT (BitDefender) Downloaded from the Internet Connects to URLs/IPs, Steals information, Downloads files
version Service Pack TrojanDownloader:Win32/Upatre (Microsoft), Trojan.Win32.Staser.awtu (Kaspersky), Win32/TrojanDownloader.Waski.F (Eset) Downloaded from the Internet Connects to URLs/IPs
{Malware File} Ransom.CryptXXX(Norton);Ransom:Win32/Genasom(Microsoft);Python/Filecoder.LambdaLocker.A(Eset-NOD32) Downloaded from the Internet Encrypts files, Displays message/message boxes
Mal/Elenoocka-E (SOPHOS_LITE) Downloaded from the Internet Connects to URLs/IPs, Encrypts files, Displays message/message boxes
exploit any vulnerability. Adware:Win32/OpenCandy (Microsoft), Adware-OpenCandy.dll (McAfee), Adware/OpenCandy (Fortinet) Downloaded from the Internet Connects to URLs/IPs, Drops files, Executes files
(Fortinet) Downloaded from the Internet Connects to URLs/IPs, Downloads files
(ESET-NOD32), W32/Waski.A!tr (Fortinet) Downloaded from the Internet Connects to URLs/IPs, Downloads files
,Win32/TrojanDownloader.Necurs.A trojan (Eset) Dropped by other malware, Downloaded from the Internet
Ransom:Win32/Locky (Microsoft); Trojan-Ransom.Win32.Locky.bfz (Kaspersky) Downloaded from the Internet Connects to URLs/IPs, Encrypts files, Displays message/message boxes, Steals information
affected system number of failed encrypted files number of encrypted files OS architecture (if 64bit) victim ID Ransom:Win32/Locky (Microsoft); Downloaded from the Internet Connects to URLs/IPs, Steals
64bit) victim ID Ransom:Win32/Locky (Microsoft) Downloaded from the Internet Connects to URLs/IPs, Encrypts files, Displays message/message boxes, Steals information
(Symantec) Downloaded from the Internet Connects to URLs/IPs, Displays message/message boxes, Steals information, Encrypts files