Search
Keyword: JS_EXPLOIT
variants to exploit certain vulnerabilities in Adobe Acrobat Reader to possibly download or drop other malicious files on the system.
This Trojan may be hosted on a website and run when a user accesses the said website. It inserts an IFRAME tag that redirects users to certain URLs. However, as of this writing, the said sites are
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be hosted on a website and run when a user
contains exploit configuration (Note: %Windows% is the Windows folder, where it usually is C:\Windows on all Windows operating system versions.) Other System Modifications This Ransomware modifies the
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be hosted on a website and run when a user
Description Name: Possible DLOADER - HTTP (Request) - Variant 6 . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Point of Entry. This also indicates a malware infection. Below are some indicators ...
Description Name: RECOZEN - HTTP (Request) . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are some indicators of...
Description Name: Possible DLOADER - HTTP (Request) - Variant 4 . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Point of Entry. This also indicates a malware infection. Below are some indicators ...
capabilities. It does not exploit any vulnerability. Downloader.Dashikut (Symantec), Trojan-Downloader.WinLNK.Agent.d (Kaspersky) Dropped by other malware, Downloaded from the Internet
This Trojan may be hosted on a website and run when a user accesses the said website. This is the Trend Micro detection for Web pages that were compromised through the insertion of a certain IFRAME
This Trojan is used to load and execute a file. Arrival Details This Trojan may be downloaded from the following remote sites: http://{BLOCKED}9.{BLOCKED}8.107.129/yy.html http://{BLOCKED}9.{BLOCKED
It does not exploit any vulnerability. Troj/JSRedir-RF (Sophos) Downloaded from the Internet, Dropped by other malware Connects to URLs/IPs
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
not have rootkit capabilities. It does not exploit any vulnerability. Ransom:Win32/Tescrypt!rfn (Microsoft), Mal/Ransom-EO (Sophos), Trojan/Win32.Teslacrypt.Gen (AhnLab-V3) Downloaded from the Internet
capabilities. It does not exploit any vulnerability. Spammed via email, Downloaded from the Internet Connects to URLs/IPs, Steals information
exploit any vulnerability. Win32/Wisp.T trojan(NOD32)
}t.com/dom-scripts.10232.js Other Details However, as of this writing, the said sites are inaccessible. It does not exploit any vulnerability. Trojan.Win64.Agent (IKARUS) Downloaded from the Internet, Dropped by other malware
JS_EXPLOIT.HBA connects to this site to download files.
JS_EXPLOIT.SMAD may be downloaded from this malicious URL.
JS_EXPLOIT.SMAD may be downloaded from this malicious URL.