Search
Keyword: HTML_AGENT
RUSTOCK malware are mostly backdoors, Trojans, and rootkits that have been downloaded by other malware such as BREDOLAB and VIRUX . This arrival routine was observed in website compromises seen in
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
Profile%\HTML Help\HTML Help.exe %User Profile%\Media Index\Media Index.exe %User Profile%\Media Player\Media Player.exe %User Profile%\Network\Network.exe %User Profile%\User Account Pictures\User Account
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This Trojan may arrive bundled with malware packages as a malware component. Arrival Details This Trojan may arrive bundled with malware packages as a malware component. Dropping Routine This Trojan
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Installation This Trojan creates the following folders: %User Profile%\Microsoft\HTML Help (Note:
following file extensions: asp htm html It then appends an iframe to these files that redirects users to http://{BLOCKED}g08.com/down/htmmm/mm.Htm . Infected files are detected as HTML_IFRAME.QT. It also
This Trojan may be hosted on a website and run when a user accesses the said website. It requires its main component to successfully perform its intended routine. Arrival Details This Trojan may be
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file
This malware steals information that can compromise the user's online credentials and accounts. It also uses the Skype messenger application to distribute various threats, including ransomware,
This Trojan attempts to steal sensitive online banking information, such as user names and passwords. This routine risks the exposure of the user's account information, which may then lead to the
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes then deletes itself afterward. It modifies
into HTML files Join an IRC channel Log in to FTP sites Perform Slowloris, UDP, and SYN flooding Run Reverse Socks4 proxy server Send MSN Messenger messages Steal login credentials Update itself Visit a
Web page, this HTML script launches a hidden IFRAME that connects to a malicious URL. It redirects browsers to certain sites. Arrival Details This Trojan may be hosted on a website and run when a user
This Trojan may be dropped by other malware. It does not have any propagation routine. It does not have any backdoor routine. When users agree to buy the software, it connects to a certain URL. It
This spyware may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It modifies the Internet Explorer Zone Settings. It connects to certain
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. Arrival Details This Trojan arrives as an attachment to email messages spammed by other