Search
Keyword: W2KM_DLOADER.BVFO
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file
This worm arrives via removable drives. It modifies certain registry entries to hide file extensions. It drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This spyware arrives on a system as a
WallpaperStyle = "0" (Note: The default value data of the said registry entry is 2 .) HKEY_CURRENT_USER\Control Panel\Desktop SCRNSAVE.EXE = "%System%\Windows_3D.scr" (Note: The default value data of the said
Episode 2 - Attack Of The Clones Full Downloader.exe %Temp%\Jenna Jameson - Built For Speed Downloader.exe %Temp%\[DiVX] Lord of The Rings Full Downloader.exe %Temp%\[DiVX] Harry Potter And The Sorcerors
Episode 2 - Attack Of The Clones Full Downloader.exe %Temp%\Jenna Jameson - Built For Speed Downloader.exe %Temp%\[DiVX] Lord of The Rings Full Downloader.exe %Temp%\[DiVX] Harry Potter And The Sorcerors
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. However, as of this writing, the said sites are
\version me = 2 HKEY_CURRENT_USER\Software\VB and VBA Program Settings\ titta\version me = 1 HKEY_CURRENT_USER\Software\VB and VBA Program Settings\ noGods\appActive service.exe = {data} HKEY_CURRENT_USER
This malware is a variant of the SOREBRECT malware that Trend Micro discovered on June 2017. It sports fileless, code-injecting capabilities. Users affected by this malware may find their critical
This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Backdoor arrives on a system as a
This Spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Spyware arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes the initially executed copy of itself.
\CurrentControlSet\ Services\{random characters} Start = 2 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\{random characters} ErrorControl = 0 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\{random
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies the Internet Explorer Zone Settings. It
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any propagation routine. It does not
" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\VeriSign LDAP Server ID = "2" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\WhoWhere LDAP Server ID = "3
This ransomware uses Windows PowerShell to encrypt files. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram shown below. This Trojan arrives on a
This adware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be manually installed by a user. Arrival Details
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
333333 33333 3333 333 33 3 22222222 2222222 222222 22222 2222 222 22 2 11111111 1111111 111111 11111 1111 111 11 1 00000000 0000000 00000 0000 000 00 0987654321 987654321 87654321 7654321 654321 54321 4321