Search
Keyword: PDF_FAREIT
This Trojan arrives as attachment to mass-mailed email messages. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. However, as of this writing, the said sites are
%Temp%\IXP000.tmp\sslvpn.tmp - decoy pdf document %Desktop%\sslvpnmanual.pdf - decoy pdf document (Note: %Temp% is the Windows temporary folder, where it usually is C:\Windows\Temp on all Windows
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
and dropped file once it is closed. NOTES: The PDF file contains the following fake details luring users to enable macro content/program: Trojan.Pidief.X (Symantec); Troj/PDFDoc-O (Sophos);
This malware shows fake message inside the PDF tricking the users to click on the link. This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It
This malware shows the following fake message inside the PDF tricking the users to click on the link: PDF/Phishing.A.Gen (ESET-NOD32) Spammed via email Connects to URLs/IPs
}ec.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQckPwgwK2Thdm9JYVwXQ4ERz3XDQQUo47PGUI9MeGrIYmEbcvZeaKysloCEHX7Uch2jvaSe%2FQdoaI0odk%3D http://evcs-crl.ws.{BLOCKED}ec.com/evcs.crl http://osh10.{BLOCKED}r.go.th/cache/Outlook365/365.HTML NOTES: Accessing the link on the PDF redirects the user to a remote website where
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
Other Details This Trojan does the following: It deletes the created folder and dropped file once it is closed. Depending on the PDF reader used, it may drop the document on a different folder in %User
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
connects to the following possibly malicious URL: http://{BLOCKED}dsmartwatchchargingstands.com/good/great/secure.php?whipp=brickz This is the Trend Micro detection for: PDF files that contains a link to a
following link: https://{BLOCKED}adecv.com/activate/ad/index.php However, as of this writing, the said sites are inaccessible. NOTES: This malware shows the following fake message inside the PDF tricking the
file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. NOTES: This is the Trend Micro detection for PDF files that open a website in a browser when a
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It does not have any propagation routine. It does not have any backdoor routine. Arrival
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. Arrival Details This Trojan arrives as an attachment to email messages spammed by other