Search
Keyword: URL
to send and receive commands from a remote malicious user: {C&C domain name}/{8 random characters}{hard-coded string} NOTES: This backdoor may use proxy connections by connecting to the URL {Proxy
This is a Tumblr spam run that entices users to join online dating. It can spread by following the instructions on the said site. This URL points users to a malicious website, trk.{BLOCKED
capabilities: The inserted script contains the URL http://{BLOCKED}d.cn/2 This is the Trend Micro detection for Web pages that were compromised through the insertion of a certain malicious script.
bypasses popup blockers from Norton , Internet Explorer, and Google Toolbar. It opens a new browser window to the URL http://{BLOCKED}n.com/MzPD . Trojan:JS/Agent.FA(Microsoft),Trojan-Downloader.JS.IstBar.ce
CVE-2013-0080,CVE-2013-0083,CVE-2013-0084,CVE-2013-0085 This patch addresses vulnerabilities found in Microsoft SharePoint and Microsoft SharePoint Foundation. When exploited via a malicious URL
operations for cybercriminals. Based on our investigation, one of the methods that attackers used to lead users into downloading RCSAndroid is to send a specially crafted URL to the recipients/users via SMS or
\ Internet Explorer\SearchScopes\{5F40D7C0-7AE2-4DDF-95DF-36CF762E0C55} DisplayName = Search HKEY_CURRENT_USER\Software\Microsoft\ Internet Explorer\SearchScopes\{5F40D7C0-7AE2-4DDF-95DF-36CF762E0C55} URL =
This spyware may connect to a remote URL to download its configuration file. The said file contains information where the malware can download an updated copy of itself, and where to send its stolen
This spammed message spoofs Facebook notifications to entice users to click. When they do, they are redirected to a fake pharmacy site. Both the mail and URL are already blocked by Trend Micro. Users
mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;} TSPY_ZBOT.BXH accesses this URL to download its
mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;} TSPY_ZBOT.BXG accesses this URL to download its
the message by clicking the link. Clicking the URL directs users to a spoofed site that asks for user information such as credit card numbers, passwords, and other sensitive information.
the URL specified in the parameter KPpepELVG and saves it to the file specified in the parameter lPBi . It then executes the downloaded file. Exploit:Java/CVE-201204681.XN (Microsoft) Hosted on certain
malware/grayware or malicious users. NOTES: This malware arrives as an attachment of an email: When opened, it redirects to the site http://{BLOCKED}print.co.uk/wp-includes/js/dh/dhl.htm . However, the URL is
user’s GPS location, device ID, sim serial number. setting network preference of the smartphone. monitoring system event, such as screen on, screen off, start-up, wake-up. opening specified URL via user's
arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll. microsoft internet_explorer 10,microsoft internet_explorer 11,microsoft
inaccessible. Information Theft This backdoor accepts the following parameters: local - opens port remote1 - connect to url remote2 - connect to url Downloaded from the Internet, Dropped by other malware Connects
This Trojan may be unknowingly downloaded by a user while visiting malicious websites. This file contains a URL where it connects to possibly download other files. It deletes itself after execution.
affected system's HOSTS files Visit Website (Hidden) - visits url without user's knowledge Download and Execute file Extract stored credentials from affected system (e.g. Filezilla) Navigate Website (visible
to remotely execute shell commands from the URL specified by malicious remote user Http: - download and execute arbitrary file from a URL specified by the remote user x_ - sleep\idle for a span of time