Search
Keyword: W2KM_DLOADER.BVFO
This malware is the final payload to the recent BlackEnergy targeted attacks that affected industries in Ukraine. The threat actors behind this attack normally use Excel files as part of their social
This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
\Microsoft\ Windows\CurrentVersion\Internet Settings\ Zones\3 2001 = "2" HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Internet Settings\ Zones\3 2004 = "2" It modifies the following registry
A Trojan horse program is a malware that is not capable of automatically spreading to other systems. Trojans are usually downloaded from the Internet and installed by unsuspecting users. Trojans
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
1 .) HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Internet Settings\ Zones\2 1609 = "0" (Note: The default value data of the said registry entry is 1 .) HKEY_CURRENT_USER\Software
To get a one-glance comprehensive view of the behavior of this Backdoor, refer to the Threat Diagram shown below. This backdoor may be dropped by other malware. It executes commands from a remote
The default value data of the said registry entry is 2 .) Dropping Routine This Trojan drops the following files: %User Temp%\nsh2.tmp\Dialer.dll %User Temp%\nsh2.tmp\NSISdl.dll %User Temp%\rbvnpq.exe
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This