Keyword: URL
43719 Total Search   |   Showing Results : 81 - 100
  Previous   Next  
TROJ_ZCLICK.H
}us-hls.su http://{BLOCKED}rusn.su http://{BLOCKED}guret.su http://{BLOCKED}ower.su Information Theft This Trojan s configuration file contains the following information: Search URL (referrer url) Update URL
TROJ_ZCLICK.WRH
This Trojan s configuration file contains the following information: Search URL (referrer url) Update URL (new C&C) Click URL (redirection url source) Mutex Name Flash URL NOTES: It hooks the following
TROJ_KRYPTK.SMVI
Information Theft This Trojan s configuration file contains the following information: Search URL (referrer url), e.g., http://{BLOCKED}nameall.com Update URL (new C&C), e.g., http://{BLOCKED}i.com, http://
ADW_WINUSEC
" HKEY_CURRENT_USER\Software\winservice86\ Plugins\94 Name = "IEPopup" HKEY_CURRENT_USER\Software\winservice86\ Plugins\94 JavaScript = "{random characters}" HKEY_CURRENT_USER\Software\winservice86\ Plugins\94 Url =
SWF_EXPLOIT.LE
This Trojan is capable of downloading files. However, it does not contain the URL where the file can be downloaded. This Trojan arrives on a system as a file dropped by other malware or as a file
HTML_AGENT.SMJ
shown below. This is a Trend Micro detection for specially crafted email messages that contain a malicious script. The said script connects to a URL to download and run another malicious script detected
TROJ_DLOADR.AUSUBY
users when visiting malicious sites. Download Routine This Trojan downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the parameter passed
Microsoft Data Access Object Recordset Remote Code Execution
CVE-2010-0027,MS11-002,MS10-007,MS10-002 The URL validation functionality in Microsoft Internet Explorer 5.01, 6, 6 SP1, 7 and 8, and the ShellExecute API function in Windows 2000 SP4, XP SP2 and
Microsoft Outlook Web Access For Exchange Server 'redir.asp' URI Redirection Vulnerability
arbitrary web sites and conduct phishing attacks via a URL in the URL parameter. microsoft exchange_server 2003 Trend Micro Deep Security shields networks through Deep Packet Inspection (DPI) rules. Trend
TROJ_CIMUZ
{D032570A-5F63-4812-A094-87D007C23012} HKEY_CURRENT_USER\Software\AppDataLow HKEY_CURRENT_USER\Software\AppDataLow\ BHOinit url = "http://{BLOCKED}ckupforu.com/dgabbana/" HKEY_CURRENT_USER\Software\AppDataLow\ BHOinit url2 = “http://
TSPY_CIMUZ
{D032570A-5F63-4812-A094-87D007C23012} HKEY_CURRENT_USER\Software\AppDataLow HKEY_CURRENT_USER\Software\AppDataLow\ BHOinit url = "http://{BLOCKED}ckupforu.com/dgabbana/" HKEY_CURRENT_USER\Software\AppDataLow\ BHOinit url2 = “http://
Coinminer.Linux.MALXMR.UWEIU
this pool will be top priority. -o, --url URL ->pool url and port. -O, --tls-url URL ->TLS pool url and port. -u, --user USERNAME ->pool user name or wallet address -r, --rigid RIGID ->rig identifier for
BKDR_CIMUZ
{D032570A-5F63-4812-A094-87D007C23012} HKEY_CURRENT_USER\Software\AppDataLow HKEY_CURRENT_USER\Software\AppDataLow\ BHOinit url = "http://{BLOCKED}ckupforu.com/dgabbana/" HKEY_CURRENT_USER\Software\AppDataLow\ BHOinit url2 = “http://
CIMUZ
{D032570A-5F63-4812-A094-87D007C23012} HKEY_CURRENT_USER\Software\AppDataLow HKEY_CURRENT_USER\Software\AppDataLow\ BHOinit url = "http://{BLOCKED}ckupforu.com/dgabbana/" HKEY_CURRENT_USER\Software\AppDataLow\ BHOinit url2 = “http://
JAVA_DLOADR.BLQ
This Trojan may be hosted on a website and run when a user accesses the said website. It downloads a file from a certain URL then renames it before storing it in the affected system. It executes the
Coinminer.Win32.MALXMR.TIAOODCI
to the following URL for coinmining activities: http:\\mine.{BLOCKED}l.com:80 It is executed by Worm.Win32.BLASQUI.A using the following parameters: -o stratum+tcp://mine.{BLOCKED}l.com:80 -u {User
Coinminer.Win64.TOOLXMR.AS
to the following URL for coinmining activities: http:\\mine.{BLOCKED}l.com:80 It is executed by Worm.Win32.BLASQUI.A using the following parameters: -o stratum+tcp://mine.{BLOCKED}l.com:80 -u {User
BKDR_HANCITOR.JLC
save file from a specific URL and execute it Download file from a specific URL and inject to svchost.exe Download file from a specific URL and execute in memory It connects to the following URL(s) to
TROJ_ZCLICK.PQT
http://{BLOCKED}reen.ru/b/opt/{hash} http://{BLOCKED}n-vaper.su/b/opt/{hash} However, as of this writing, the said sites are inaccessible. This configuration file may contain the following: Click URL
TROJ_ZCLICK.B
This spyware s configuration file contains the following information: Search URL (referrer url), e.g., http://{BLOCKED}nameall.com Update URL (new C&C), e.g., http://{BLOCKED}i.com, http://{BLOCKED