Search

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes registry entries, causing some applications

This Trojan may be dropped by other malware. Arrival Details This Trojan may be dropped by the following malware: TROJ_DROPPER.OKQ Autostart Technique This Trojan adds the following registry entries

This Trojan may be downloaded by other malware/grayware/spyware from remote sites. It may be dropped by other malware. Arrival Details This Trojan may be downloaded by other malware/grayware/spyware

This worm drops copies of itself into all the physical drives of an affected system. It drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives of an

Heuristic Detection This is the Trend Micro heuristic detection for suspicious files that manifest similar behavior and characteristics as the following malware: TSPY_MAGANIA (also known as GAMETHI,

Heuristic Detection This is the Trend Micro heuristic detection for suspicious files that manifest similar behavior and characteristics as the following malware: ONLINEG If your Trend Micro product

Description Name: OLGM TCP request - Class 1 . This is Trend Micro detection for packets passing through TCP network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are some indicators o...

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be downloaded by other malware/grayware/spyware

NOTES: The pattern Possible_SMPHISHMR targets suspicious HTML files that share characteristics related to phishing.

to be able to extract and execute the embedded executable on the Java file. exec xkey It then used the value from the parameter to access a possible malicious URL to download and execute possible

This is the Trend Micro heuristic detection for suspicious configuration files that manifest similar behavior and characteristics of component configuration file for the following malware:

This is the Trend Micro heuristic detection for suspicious configuration files that manifest similar behavior and characteristics of component configuration file for the following malware:

Heuristic Detection This is the Trend Micro heuristic detection for suspicious files that manifest similar behavior and characteristics as the following malware: ELF_XORDDOS If your Trend Micro

gathers information on the affected system and sends the information to a C&C server to determine the payload to be sent to the affected system. One of the possible payloads includes DRIDEX,

Description Name: POSSIBLE JSP WEBSHELL UPLOAD EXPLOIT - HTTP (REQUEST) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting this type o...

Description Name: POSSIBLE HTTP URI OGNL EXPRESSION EXPLOIT - HTTP (REQUEST) - Variant 3 . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhib...

Description Name: POSSIBLE HTTP BODY OGNL EXPRESSION EXPLOIT - HTTP (REQUEST) - Variant 2 . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhi...

Description Name: POSSIBLE HTTP HEADER OGNL EXPRESSION EXPLOIT - HTTP(REQUEST) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting this...

http://sjc1-te-cmsap1.sdi.trendnet.org/dumpImages/163201052256.jpeg How does this threat affect users? Users receive spammed messages supposedly from CNN Mexico containing news of Michael Jackson's

/root/.ksh_history rootable - Enumerates possible root exploits in the infected system socks5 - Set up SOCKSv5 protocol sendmail - Send an email to a target Perl/Shellbot (McAfee), Mal/PerlBot-A (Sophos) Shellshock