Search
Keyword: troj_crypctb
Installation This Trojan drops the following copies of itself into the affected system: %Windows%\Winece.exe (Note: %Windows% is the Windows folder, which is usually C:\Windows or C:\WINNT.)
This Trojan arrives as attachment to mass-mailed email messages. As of this writing, the said sites are inaccessible. Arrival Details This Trojan arrives as attachment to mass-mailed email messages.
This Trojan may be dropped by other malware. It arrives as a component bundled with malware/grayware packages. It may be injected into processes running in memory. It requires its main component to
This Trojan is an installer of a rogue antivirus program called Spyware Cleaner 2010 V4.05. It asks the user to purchase the full version of the software. It then connects to a certaijn website where
Installation This Trojan drops the following copies of itself into the affected system: %Application Data%\hotfix.exe (Note: %Application Data% is the current user's Application Data folder, which is
This malware randomly chooses its name randomly as well as uses the Operating System of the affected system in its name. It displays rogue antivitus alerts, and redirects users to different websites.
This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It accesses websites to download files. This action allows this malware to
It takes advantage of vulnerabilities in Microsoft Office that could allow remote code execution (MS10-087). After successfully exploiting the said vulnerability, it drops a file detected as
This malicious DLL file queries and reads a certain registry key which may be created by its main component. Based on its code, this registry key contains a series of codes which may include the
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It attempts to steal sensitive online banking
The added .JOB files (scheduled tasks) attempt to access a URL. The said URL only displays a nonmalicious image when accessed. It may require additional parameters to download other possibly
This Trojan may be downloaded by other malware/grayware/spyware from remote sites. It may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It
This Trojan executes then deletes itself afterward. Installation This Trojan executes then deletes itself afterward. Other System Modifications This Trojan adds the following registry entries:
It downloads an updated copy of itself from certain websites. This Trojan may be downloaded by other malware/grayware/spyware from remote sites. It may be unknowingly downloaded by a user while
This Trojan deletes itself after execution. Installation This Trojan drops the following files: {malware path}\{malware file name} Other Details This Trojan deletes itself after execution.
Autostart Technique This Trojan adds the following registry keys to install itself as a Browser Helper Object (BHO): HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\ Windows\CURRENTVERSION\Explorer\ Browser
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. Arrival Details This Trojan arrives as an attachment to email messages spammed by other
This Trojan may be unknowingly downloaded by a user while visiting malicious websites. This file contains a URL where it connects to possibly download other files. It deletes itself after execution.
Trend Micro has flagged this Trojan as noteworthy due to the increased potential for damage, propagation, or both, that it possesses. To get a one-glance comprehensive view of the behavior of this
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded