Search
Keyword: W2KM_DLOADER.BVFO
To get a one-glance comprehensive view of the behavior of this Worm, refer to the Threat Diagram shown below. This worm may arrive bundled with malware packages as a malware component. It may be
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file
\Explorer\ Advanced ShowSuperHidden = "0" It modifies the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Explorer\ Advanced Hidden = "2" (Note: The default value data
\Software\FirstRuxzx FirstRun = "1" It modifies the following registry entries: HKEY_CURRENT_USER\SessionInformation ProgramCount = "2" (Note: The default value data of the said registry entry is 2 .)
\AFinding Type = "10" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\AFinding Start = "2" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\AFinding DisplayName = "AFinding" HKEY_LOCAL_MACHINE
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies files, disabling programs and applications
\Tcpip\Parameters TcpMaxDupAcks = "2" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\Tcpip\Parameters LargeBufferSize = "c8" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\Tcpip\Parameters
\ControlSet001\ Services\Tcpip\Parameters TcpMaxDupAcks = "2" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\Tcpip\Parameters LargeBufferSize = "c8" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\Tcpip
\Accounts\Bigfoot LDAP Server ID = "1" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\VeriSign LDAP Server ID = "2" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
SackOpts = "1" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\Tcpip\Parameters DefaultTTL = "4" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\Tcpip\Parameters TcpMaxDupAcks = "2" HKEY_LOCAL_MACHINE
DisableThumbnailCache = "1" HKEY_CURRENT_USER\Software\Policies\ Microsoft\Windows\System disableCMD = "2" It modifies the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Internet Explorer\Main start
Manager\Accounts\Bigfoot LDAP Server ID = "1" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\VeriSign LDAP Server ID = "2" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes commands from a remote malicious user,
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes then deletes itself afterward. It modifies
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a