Search
Keyword: URL
malicious file from a certain URL. The URL where this malware downloads the said file depends on the parameter passed on to it by its components. Other Details This Trojan takes advantage of an unknown
}illamil.com/dqzo2 It saves the files it downloads using the following names: %User Temp%\ksm9pxbTu3U.exe - when url is accessible %User Temp%\ksm9pxbTu3U - when the url is inaccessible (Note: %User Temp% is the
\JNOfHRYxYIfKOnw -> if URL is inaccessible %User Temp%\JNOfHRYxYIfKOnw.exe -> if URL is accessible (Note: %User Temp% is the user's temporary folder, where it usually is C:\Documents and Settings\{user name}\Local
if URL is inaccessible %User Temp%\Rog8aOeIr.exe -> if URL is accessible (Note: %User Temp% is the user's temporary folder, where it usually is C:\Documents and Settings\{user name}\Local Settings\Temp
It saves the files it downloads using the following names: %User Temp%\ZraPhEmJWMGJrm.exe - when url is accessible %User Temp%\ZraPhEmJWMGJrm - when the url is inaccessible (Note: %User Temp% is the
messages. Download Routine This Trojan saves the files it downloads using the following names: %User Temp%\l2s4SmQcK.exe - when url is accessible %User Temp%\l2s4SmQcK - when the url is inaccessible (Note:
messages. Download Routine This Trojan saves the files it downloads using the following names: %User Temp%\yDyZve7WAOeXEAxQ.exe - when url is accessible %User Temp%\yDyZve7WAOeXEAxQ - when the url is
\WindowsPowerShell\v1.0\powershell.exe Downloads and save files to a specific directory: URL download Link: http://{BLOCKED}.{BLOCKED}.83.140/2.exe Saves to the following directories: %Windows%\migration\2.exe
BKDR_MATSNU.MCB connects to this URL to send and receive commands from a remote malicious user. This malware has the capability to wipe the Master Boot Record (MBR). Once done, infected systems won’t
BKDR_MATSNU.MCB connects to this URL to send and receive commands from a remote malicious user. This malware has the capability to wipe the Master Boot Record (MBR). Once done, infected systems won’t
BKDR_MATSNU.MCB connects to this URL to send and receive commands from a remote malicious user. This malware has the capability to wipe the Master Boot Record (MBR). Once done, infected systems won’t
BKDR_MATSNU.MCB connects to this URL to send and receive commands from a remote malicious user. This malware has the capability to wipe the Master Boot Record (MBR). Once done, infected systems won’t
BKDR_MATSNU.MCB connects to this URL to send and receive commands from a remote malicious user. This malware has the capability to wipe the Master Boot Record (MBR). Once done, infected systems won’t
BKDR_MATSNU.MCB connects to this URL to send and receive commands from a remote malicious user. This malware has the capability to wipe the Master Boot Record (MBR). Once done, infected systems won’t
BKDR_MATSNU.MCB connects to this URL to send and receive commands from a remote malicious user. This malware has the capability to wipe the Master Boot Record (MBR). Once done, infected systems won’t
BKDR_MATSNU.MCB connects to this URL to send and receive commands from a remote malicious user. This malware has the capability to wipe the Master Boot Record (MBR). Once done, infected systems won’t
crafted URL to a target site. Windows Server 2008 R2,Windows Server 2012,Windows Server 2008
CVE-2001-0731 Apache 1.3.20 with Multiviews enabled allows remote attackers to view directory contents and bypass the index page via a URL containing the "M=D" query string. Apply associated Trend
BKDR_BLYPT.A connects to this URL to send and receive commands from a remote malicious user. This backdoor is a variant of the malware family BLYPT. It uses binary large objects (BLOB) to store
BKDR_BLYPT.A connects to this URL to send and receive commands from a remote malicious user. This backdoor is a variant of the malware family BLYPT. It uses binary large objects (BLOB) to store