Search
Keyword: URL
BKDR_BLYPT.A connects to this URL to send and receive commands from a remote malicious user. This backdoor is a variant of the malware family BLYPT. It uses binary large objects (BLOB) to store
BKDR_BLYPT.A connects to this URL to send and receive commands from a remote malicious user. This backdoor is a variant of the malware family BLYPT. It uses binary large objects (BLOB) to store
BKDR_BLYPT.A connects to this URL to send and receive commands from a remote malicious user. This backdoor is a variant of the malware family BLYPT. It uses binary large objects (BLOB) to store
BKDR_BLYPT.A connects to this URL to send and receive commands from a remote malicious user. This backdoor is a variant of the malware family BLYPT. It uses binary large objects (BLOB) to store
BKDR_BLYPT.A connects to this URL to send and receive commands from a remote malicious user. This backdoor is a variant of the malware family BLYPT. It uses binary large objects (BLOB) to store
BKDR_BLYPT.A connects to this URL to send and receive commands from a remote malicious user. This backdoor is a variant of the malware family BLYPT. It uses binary large objects (BLOB) to store
BKDR_BLYPT.A connects to this URL to send and receive commands from a remote malicious user. This backdoor is a variant of the malware family BLYPT. It uses binary large objects (BLOB) to store
BKDR_BLYPT.A connects to this URL to send and receive commands from a remote malicious user. This backdoor is a variant of the malware family BLYPT. It uses binary large objects (BLOB) to store
BKDR_BLYPT.A connects to this URL to send and receive commands from a remote malicious user. This backdoor is a variant of the malware family BLYPT. It uses binary large objects (BLOB) to store
Unspecified vulnerability in the Streams component in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) by accessing an ftp:// URL during use of an
phishing attacks via a double-encoded URL in the "destination" parameter. Apply associated Trend Micro DPI Rules. 1006346|
to send and receive commands from a remote malicious user: {C&C domain name}/{8 random characters}{hard-coded string} NOTES: This backdoor may use proxy connections by connecting to the URL {Proxy
the following commands from a remote malicious user: Download and save file from a specific URL and execute it Download file from a specific URL and inject to svchost.exe Download file from a specific
characters}.mp3 - acquired from the "url" parameter It saves the files it downloads using the following names: %User Temp%\{4 random characters}.exe (Note: %User Temp% is the current user's Temp folder, which
This URL is used in a phishing attack that specifically targets clients of Khaleeji Commerical Bank. The phishing email informs clients that they need to log into their online account to activate and
This spammed message entices users to buy replica watches in time for Mother’s day celebration. It contains a .JPG attachment ( image001.jpg ) and a URL pointing to a spam website, hxxp://www.
This URL is related to a mass compromise. When a user accesses a compromised website, the user is redirected to this URL, which hosts the malware TROJ_FAKEAV.BBK. Other URLs that are related to the
JAVA_EXPLOYT.RO connects to this URL to possibly download other malicious files after successfully exploiting a vulnerability. This malware is related to the Blackhole Exploit kit spam campaign on
Arrival Details This Trojan may be downloaded from the following remote sites: http://{BLOCKED}grands.in Download Routine This Trojan downloads a possibly malicious file from a certain URL. The URL
messages appear like they came come from WikiLeak, as indicated in the From field. It bears “IRAN Nuclear BOMB!” as its subject and contains the URL hxxp://wikileaks1. {BLOCKED} a.com , which has been