Search
Keyword: JS_EXPLOIT
This Trojan executes when a user accesses certain websites where it is hosted. It inserts an IFRAME tag that redirects users to certain URLs. Arrival Details This Trojan executes when a user accesses
{malicious link}','%apPdatA%{random characters}.exe'); sTarT-pROCESs '%appdata%{random characters}.eXe'; It does not exploit any vulnerability. NOTES: This malware arrives through a DOC file. It is embedded
activation by the user: Upon execution of this malicious embedded JS file, it displays the following message box to trick the user: It does not have rootkit capabilities. It does not exploit any vulnerability.
user: Upon execution of this malicious embedded JS file, it displays the following message box to trick the user: It does not have rootkit capabilities. It does not exploit any vulnerability.
8.1 (32- and 64-bit), Windows Server 2008, and Windows Server 2012.) It does not exploit any vulnerability. NOTES: This malware arrives through a Word Document file. It is embedded and will execute its
This description is based on compiled analysis of several variants of JS_BLACOLE This is the Trend Micro detection for malicious scripts that redirects users to possibly malicious URL(s). This Trojan
This Trojan may be hosted on a website and run when a user accesses the said website. It inserts an IFRAME tag that redirects users to certain URLs. Arrival Details This Trojan may be hosted on a
This Trojan may be hosted on a website and run when a user accesses the said website. This is the Trend Micro detection for files that contain a malicious script. It redirects browsers to certain
Windows Server 2012.) NOTES: It does not have rootkit capabilities. It does not exploit any vulnerability. TrojanDownloader:JS/Swabfex.P (Microsoft); JS/Nemucod.mt (McAfee); JS/TrojanDownloader.Nemucod.AVG
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It executes the downloaded files. As a result, malicious routines of the downloaded files
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It executes the downloaded files. As a result, malicious routines of the downloaded files
information and reports it to its servers: Volume Serial ID Computer Name User Name OS Version Installed AV Softwares NOTES: It does not have rootkit capabilities. It does not exploit any vulnerability.
Details This Trojan is a zero-day exploit for the following vulnerability: CVE-2015-0311 NOTES: Once a compromised website is visited, the user's browser with a vulnerable version of Adobe Flash loads a
This Trojan executes when a user accesses certain websites where it is hosted. However, as of this writing, the said sites are inaccessible. Arrival Details This Trojan executes when a user accesses
This Trojan executes when a user accesses certain websites where it is hosted. It inserts an IFRAME tag that redirects users to certain URLs. Arrival Details This Trojan executes when a user accesses
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be hosted on a website and run when a user
routine upon activation by the user: Upon execution of this malicious embedded JS file, it displays the following message box to trick the user: It does not have rootkit capabilities. It does not exploit
"user_pref(\"network.dns.blockDotOnion\", false);" "user_pref(\"security.enterprise_roots.enabled\", true);" It uses the Eternal Blue Exploit to upload logs containing the
This Trojan may be hosted on a website and run when a user accesses the said website. This is the Trend Micro detection for files that contain a malicious script. It redirects browsers to certain
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It executes the downloaded files. As a result, malicious routines of the downloaded files