Keyword: JS_EXPLOIT
10610 Total Search   |   Showing Results : 421 - 440
This Trojan may be hosted on a website and run when a user accesses the said website. It is a component of other malware. Once a compromised site is visited, the user is redirected to a certain
following means: delivered by exploit kits Installation This Trojan drops the following component file(s): For Windows XP and below: %User Startup%\!{unique ID}{random character 1}.lnk - component that
file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. This malware arrives via the following means: delivered by exploit kits Installation This Trojan
_RECoVERY_+{random letters}.txt, _RECoVERY_+{random letters}.html to the folders where the files are encrypted. It does not have rootkit capabilities. It does not exploit any vulnerability. Ransom.TeslaCrypt
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
letters}.png, _RECoVERY_+{random letters}.txt , and _RECoVERY_+{random letters}.html to the folders where the files are encrypted: It does not have rootkit capabilities. It does not exploit any
hosting Angler Exploit Kit. As such, it puts user systems at risk of being infected with this TeslaCrypt Ransomware. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the
in all fixed, removable, and network drives and shares. It opens the following ransom notes after encryption: It does not have rootkit capabilities. It does not exploit any vulnerability.
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies the Internet Explorer Zone Settings. It
capabilities. It does not exploit any vulnerability. W32/Locky.A!tr (Fortinet); Trojan-Ransom.Win32.Locky.bm (Kaspersky); Ransom.Locky (Malwarebytes); Ransom:Win32/Locky.A (Microsoft) Downloaded from the Internet
deceive users that it is a normal file. It does not have rootkit capabilities. It does not exploit any vulnerability. Dropped by other malware, Downloaded from the Internet Connects to URLs/IPs, Compromises
then opens the file 02100204.ppt to deceive users that it is a normal file. It does not have rootkit capabilities. It does not exploit any vulnerability. Backdoor.Emduvi!gen1 (Symantec);
performing a Sleep command. It does not have rootkit capabilities. It does not exploit any vulnerability. Troj/Emdivi-A (Sophos); HEUR:Trojan.Win32.Generic (Kaspersky); Backdoor.Emdivi!gen1 (Symantec)
itself after execution. NOTES: It does not have rootkit capabilities. It does not exploit any vulnerability. It performs a man-in-the-browser attack, in which codes are injected into the browser in order
files OS architecture (if 64-bit) victim ID NOTES: It changes the wallpaper with the following image: It drops the following ransom note: It does not have rootkit capabilities. It does not exploit any
It does not exploit any vulnerability. Worm:Win32/Dorkbot.I (Microsoft) Propagates via instant messaging applications, Downloaded from the Internet, Propagates via removable drives Steals information,
not exploit any vulnerability. Ransom:Win32/Locky.A (Microsoft), Trojan-Ransom.Win32.Locky.wmg (Kaspersky), Dropped by other malware, Downloaded from the Internet Encrypts files, Connects to URLs/IPs,
does not have rootkit capabilities. It does not exploit any vulnerability. Dropped by other malware
NOTES: It changes the wallpaper with the following image: It drops the following ransom note: It does not have rootkit capabilities. It does not exploit any vulnerability. Ransom.Locky (Malwarebytes);