Search
Keyword: troj_cryptesla
The malicious files <i>flash32.exe</i> and <i>kbflashUpd.dll</i> are detected as TROJ_FLASHUP.A and TROJ_FLASHUP.B, respectively. These are the
http://sjc1-te-cmsap1.sdi.trendnet.org/dumpImages/31122009122650.jpeg How does this threat get into users' systems? Spammed messages lure users into downloading an electronic game related to the 2009
This Trojan downloads updated copies of itself from certain websites. It redirects searches to a specific IP address if the search engine URL contains certain strings. This Trojan may be dropped by
Upon execution, this worm drops files on the affected system. This worm drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives of an affected system.
This malware shares code similarities with the STUXNET malware. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram shown below. This is the Trend Micro
This Trojan launches a denial of service (DoS) attacks against websites under the .kr domain. Once these sites receive a more-than sufficient amount of requests from various sources, these sites may
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes the initially executed copy of itself.
This Trojan launches a denial of service (DoS) attacks against websites under the .kr domain. Once these sites receive a more-than sufficient amount of requests from various sources, these sites may
This Worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It arrives as a component bundled with malware/grayware
This is the detection for the payload related to the Hacking Team Flash zero-day affecting latest version of Flash in Windows, Mac, and Linux. Once this zero-day vulnerability has been successfully
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the dropped file(s). As a result, malicious
This Trojan connects to a malicious server to report infection and to download a file. It uses specific encrypted configuration files. It sends an HTTP request to its C&C, which contain encrypted
This malware is possibly connected with DUQU malware. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram shown below. This Trojan arrives as a dropped
This Trojan arrives as a dropped file of another malware. It also arrives with certain files. This Trojan is registered as a service that enables it to automatically execute during startup. This
This malware is possibly connected with DUQU malware, which shares code similarities in STUXNET malware. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat
This Trojan executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system. It deletes itself after execution. Installation This Trojan adds
It drops a distributed denial of service (DDoS) component that targets primary and secondary DNS name servers of record for multiple South Korean government sites. To get a one-glance comprehensive
This destructive malware causes massive data loss. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram shown below. For the related story, you may read
This Trojan may be dropped by TROJ_GORIADU.DRP. This malicious .DLL file decrypts the encrypted file {Varies}.XML located in the %Program Files%\baidu folder, which is included in the malware
This malware leverages the anticipated Apple's iPhone 5 as a social engineering hook. Spammed messages with a subject referring to the availability of iPhone 5 in black were found to contain a link