Keyword: JS_EXPLOIT
10610 Total Search   |   Showing Results : 281 - 300
This malware is related to a mass compromise that leads to a series of redirections that ultimately point users to the Blackhole Exploit kit exploiting vulnerabilities cited in CVE-2010-0188 and
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. This is the Trend Micro detection for Web pages that
Micro detection for HTML files with an encrypted JavaScript in a <div> tag, and its decryptor. Samples of this malware are seen to exploit the following vulnerabilities: CVE-2010-3552 CVE-2010-4452
}iknepjet.ru:8080/forum/showthread.php?page=5fa58bce769e5c2c However, as of this writing, the said sites are inaccessible. NOTES: It does not have rootkit capabilities. It does not exploit any vulnerability. Downloaded from the Internet
?yqAFwbPCLno=5257533130&ioidSagKPlS=x&wSaZlXDijTvPq=30 2g572f5352572i572f333357312h522j2h2g562f2j&wiZCFhFFDxy=2d2b2d2b2d2b2d It does not have rootkit capabilities. It does not exploit any vulnerability.
following URLs to possibly download other malicious files: http://d.{BLOCKED}inrt.us/s.exe Trend Micro detects the dowloaded file as: TROJ_SASFIS.VR Other Details This Trojan is a zero-day exploit for the
However, as of this writing, the said sites are inaccessible. It inserts an IFRAME tag that redirects users to certain URLs. Backdoor Routine However, as of this writing, the said sites are
}epcteete.biz/3857076415/1384748340.jar NOTES: This Trojan may arrive as a part of an exploit kit. Mal/ExpJS-BP(Sophos) Downloaded from the Internet Others
firefox.exe iexplore.exe It imports rogue root certificates to browsers (Internet Explorer, Firefox). It does not have rootkit capabilities. It does not exploit any vulnerability.
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be hosted on a website and run when a user
may be downloaded from the following remote sites: Compromised or malicious sites hosting RIG EK Exploit Kit Download Routine This Trojan saves the files it downloads using the following names: %User
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
does not exploit any vulnerability. Downloaded from the Internet
ratchetmining.com slushpool stratum+ suprnova.cc teracycle.net usxmrpool viaxmr.com xmrpool yiimp zergpool zergpoolcoins zpool It is capable of propagating in the local network via the following means: SMB Exploit
}africadesigns.com/fida/wp-admin/css/colors/blue/blue.php?id={random} https://mambo-africadesigns.com/fida/wp-admin/css/colors/blue/blue.php?id={random} --> However, as of this writing, the said sites are inaccessible. It does not exploit any
install browser extension: It may change the default search website to the following URL: http://{BLOCKED}k.com/toolbarv/askRedirect.jsp?gct=&gc=1&q={searchTerms}&crm=1&toolbar=GLS It does not exploit any
are inaccessible. Information Theft This Trojan does not have any information-stealing capability. Other Details This Trojan does not exploit any vulnerability. HEUR:Trojan-Downloader.Script.SLoad.gen
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. As of this writing, the said sites are inaccessible.
This Trojan may be downloaded by other malware/grayware from remote sites. It executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the downloaded files. As a result, malicious