Search
Keyword: JS_EXPLOIT
execution of its malicious routine by performing a Sleep command. It does not have rootkit capabilities. It does not exploit any vulnerability. Downloaded from the Internet Connects to URLs/IPs, Steals
deceive users that it is a normal file. It does not have rootkit capabilities. It does not exploit any vulnerability. Dropped by other malware, Downloaded from the Internet Connects to URLs/IPs, Compromises
performing a Sleep command. It does not have rootkit capabilities. It does not exploit any vulnerability. Troj/Emdivi-A (Sophos); HEUR:Trojan.Win32.Generic (Kaspersky); Backdoor.Emdivi!gen1 (Symantec)
then opens the file 02100204.ppt to deceive users that it is a normal file. It does not have rootkit capabilities. It does not exploit any vulnerability. Backdoor.Emduvi!gen1 (Symantec);
does not have rootkit capabilities. It does not exploit any vulnerability. Backdoor.Emduvi!gen1 (Symantec); Troj/Emdivi-A (Sophos); Trojan:Win32/Xabil.A (Microsoft); W32/Emdivi.WUA!tr (Fortinet);
}s.com/version.js?appTitle=SaveSense&cb={current month integer}_{current day integer} It also affects disk cache for Mozilla when it loads the URL. It does not have rootkit capabilities. It does not exploit
This malware exploits a Windows XP/Server 2003 zero-day vulnerability. This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It executes the
It does not have rootkit capabilities. It does not exploit any vulnerability. Ransom:Win32/Locky (Microsoft); Ransom.Locky (Malwarebytes); Trojan-Ransom.Win32.Locky.ash (Kaspersky) Downloaded from the
It displays the following ransom note: It does not have rootkit capabilities. It does not exploit any vulnerability. Ransom:Win32/Locky.A (Microsoft), Trojan-Ransom.Win32.Locky.bol (Kaspersky),
NOTES: The following image serves as the ransom note of the malware: It does not have rootkit capabilities. It does not exploit any vulnerability. Ransom:Win32/Locky.A (Microsoft); Troj/Locky-HO (Sophos);
have rootkit capabilities. It does not exploit any vulnerability. Ransom.Locky (Symantec), Ransom:Win32/Locky.A (Microsoft), Trojan-Ransom.Win32.Locky.bom (Kaspersky) Downloaded from the Internet
{BLOCKED}g.net/intraf.php?kod={value}&site=www.surinamefoto.com http://www.{BLOCKED}r1.com/1.js http://www.w3.org/1999/xhtml It does not have rootkit capabilities. It does not exploit any vulnerability.
not have rootkit capabilities. It does not exploit any vulnerability. Ransom.Locky (Symantec); Ransom:Win32/Locky (Microsoft); Trojan-Ransom.Win32.Locky.bos (Kaspersky); Trojan-Ransom.Locky (Ikarus);
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be hosted on a website and run when a user
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
in all fixed, removable, and network drives and shares. It opens the following ransom notes after encryption: It does not have rootkit capabilities. It does not exploit any vulnerability.
following means: delivered by exploit kits Installation This Trojan drops the following component file(s): For Windows XP and below: %User Startup%\!{unique ID}{random character 1}.lnk - component that
This is the Trend Micro detection for suspicious files that manifest the characteristics of an exploited JSON format. It is a heuristic detection for a JNLP XML file that may execute a possibly
following means: delivered by exploit kits Installation This Trojan drops the following component file(s): For Windows XP and below: %User Startup%\!{unique ID}{random character 1}.lnk - component that