Search
Keyword: HTML_ADODB
KOOBFACE malware are known for targeting the social networking site Facebook to spread via infected wall posts. It was first spotted in 2008, but KOOBFACE was at the height of its operations in 2009
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
Gold 3.0\400000d00002i %User Profile%\ChordWizard Songtrix Gold 3.0\%AppData% %User Profile%\%AppData%\Microsoft %User Profile%\Microsoft\HTML Help (Note: %System Root% is the root folder, which is
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file
RUSTOCK malware are mostly backdoors, Trojans, and rootkits that have been downloaded by other malware such as BREDOLAB and VIRUX . This arrival routine was observed in website compromises seen in
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
This Trojan may be hosted on a website and run when a user accesses the said website. It requires its main component to successfully perform its intended routine. Arrival Details This Trojan may be
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
Profile%\HTML Help\HTML Help.exe %User Profile%\Media Index\Media Index.exe %User Profile%\Media Player\Media Player.exe %User Profile%\Network\Network.exe %User Profile%\User Account Pictures\User Account
\vmkl %User Profile%\Microsoft\HTML Help (Note: %Program Files% is the default Program Files folder, usually C:\Program Files.. %User Profile% is the current user's profile folder, which is usually C:
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
\RECYCLER\S-2-35-91-1935983697-21235429265-18132174531-12132143-3243252-231-9890741 %User Profile%\Microsoft\HTML Help (Note: %System Root% is the root folder, which is usually C:\. It is also where the
FindFirstFileW FindNextFileW RegEnumValueA RegEnumValueW It hooks the following API calls to search for network traffic for a predetermined HTML elements: InternetCloseHandle InternetQueryDataAvailable
following file extensions: asp htm html It then appends an iframe to these files that redirects users to http://{BLOCKED}g08.com/down/htmmm/mm.Htm . Infected files are detected as HTML_IFRAME.QT. It also