Search
Keyword: URL
file. This malicious Java class accesses the "game_id" parameter in a certain HTML file that executes this file to get the URL where a binary can be downloaded. This Trojan may be dropped by other
have any backdoor routine. It does not drop any other file. It does not have any information-stealing capability. This file contains a URL where it connects to possibly download other files. However, as
downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the parameter passed on to it by its components. Hacktool Routine This hacking tool hacks
This Trojan downloads a possibly malicious file from a certain URL. The URL where this malware connects to depends on the parameter hppowndnkgnk passed onto it by its components. This Trojan arrives
Arrival Details This backdoor may be dropped by the following malware: W2KM_HANCITOR.B Backdoor Routine This backdoor executes the following commands from a remote malicious user: Download a file from a URL
Arrival Details This Trojan may be dropped by the following malware: W2KM_HANCITOR.YA Backdoor Routine This Trojan executes the following commands from a remote malicious user: Download a file from a URL
malware/grayware or malicious users. Installation This Trojan drops the following component file(s): %Application Data%\{random number}.vbs - component responsible for accessing a URL to download a file (Note:
malware/grayware or malicious users. Installation This Trojan drops the following component file(s): %Application Data%\{random number}.vbs - component responsible for accessing a URL to download a file (Note:
hacking tool may be manually installed by a user. Download Routine This hacking tool downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the
This URL is related to the recent Facebook Clickjacking. Other URLs with the same IP(67.205.74.19) include: {BLOCKED}ids101.info {BLOCKED}aldsexposedvideo.com {BLOCKED}ldstruthrevealed.com
TSPY_ZBOT.THX connects to this URL to download its configuration file. This is the Trend Micro detection for KINS Trojan, dubbed as the next ZeuS by media reports. Similar to ZeuS/ZBOT, it downloads
TSPY_ZBOT.THX connects to this URL to download its configuration file. This is the Trend Micro detection for KINS Trojan, dubbed as the next ZeuS by media reports. Similar to ZeuS/ZBOT, it downloads
anti-malware applications and counts the number of entries present: Avira ESET Kaspersky Lab Microsoft Antimalware It checks if the download link is available by accessing the URL http://{BLOCKED
non-malicious software %User Temp%\{8 Random Hex Values}\v.txt -> contains URL 1st connection status %User Temp%\{8 Random Hex Values}\v2.txt -> contains URL 2nd connection status %User Temp%\{8 Random Hex Values
This URL is related to the Tumblr scam, Online Income Solution . The scam pertains to bogus Tumblr posts informing users on how to make money online. Once users click the URL, they are redirected to
BKDR_CYCBOT.CP connects to this URL to send and receive commands from a remote malicious user. Below are the other URLs where this malware connects to ( with same blocking date and time): http://
This URL leads users to a phishing website that is designed to look like an official press release from General Electric (GE). The main text in this fake press release talks about how the company is
must lure a potential victim to click on a specially crafted URL that hosts an exploit to the said vulnerability. Microsoft Dynamics AX 2012
This spammed message purports to come from CNBC. It informs users that working part-time at home can earn them $10,000/month. Users who are tricked into clicking the URL for more additional details
This spammed message pretends to come from Facebook . It guises as its notification to trick users into thinking that it is legitimate. It also has a URL that points to a pharmaceutical site. Users